Ibm: >> Infosphere Information Server >> 11.7 Security Vulnerabilities
IBM InfoSphere Information Server 11.7 DataStage Flow Designer
transmits sensitive information via URL or query parameters that could be exposed to an unauthorized actor using man in the middle techniques.
CVSS Score
3.7
EPSS Score
0.0
Published
2025-04-23
IBM InfoSphere Information 11.7 Server does not invalidate session after logout which could allow an authenticated user to impersonate another user on the system.
CVSS Score
6.3
EPSS Score
0.0
Published
2025-04-23
IBM InfoSphere Information Server 11.7 could allow a remote attacker to obtain sensitive information when a detailed technical error message is returned in the browser. This information could be used in further attacks against the system.
CVSS Score
2.7
EPSS Score
0.0
Published
2025-03-29
IBM InfoSphere Information Server 11.7 could disclose sensitive user credentials from log files during new installation of the product.
CVSS Score
4.4
EPSS Score
0.0
Published
2025-03-29
IBM InfoSphere Information Server 11.7 could allow an authenticated user to obtain sensitive information that is stored locally under certain conditions.
CVSS Score
5.3
EPSS Score
0.0
Published
2025-03-29
IBM InfoSphere Information Server 11.7
could allow an authenticated to obtain sensitive username information due to an observable response discrepancy.
CVSS Score
4.3
EPSS Score
0.0
Published
2025-03-29
IBM InfoSphere Information Server 11.7 could allow a local user to execute privileged commands due to the improper handling of permissions.
CVSS Score
8.4
EPSS Score
0.0
Published
2025-03-19
IBM InfoSphere Information Server 11.7 could allow a remote user to obtain sensitive version information that could aid in further attacks against the system.
CVSS Score
5.3
EPSS Score
0.001
Published
2025-01-24
IBM InfoSphere Information Server 11.7 could allow a remote attacker to traverse directories on the system. An attacker could send a specially crafted URL request containing "dot dot" sequences (/../) to view arbitrary files on the system.
CVSS Score
6.5
EPSS Score
0.001
Published
2025-01-17
IBM InfoSphere Information Server 11.7 could allow a remote attacker to hijack the clicking action of the victim. By persuading a victim to visit a malicious Web site, a remote attacker could exploit this vulnerability to hijack the victim's click actions and possibly launch further attacks against the victim.
CVSS Score
5.2
EPSS Score
0.0
Published
2024-12-19