Shodan
Vulnerabilities
Vulnerable Software
Ibm:  >> Infosphere Information Server  >> 11.7  Security Vulnerabilities
CVE-2022-22322
IBM InfoSphere Information Server 11.7 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: 218370.
CVSS Score
5.4
EPSS Score
0.002
Published
2022-04-28
CVE-2022-22427
IBM InfoSphere Information Server 11.7 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: 223720.
CVSS Score
5.2
EPSS Score
0.002
Published
2022-04-28
CVE-2022-22441
IBM InfoSphere Information Server 11.7 could allow an authenticated user to view information of higher privileged users and groups due to a privilege escalation vulnerability. IBM X-Force ID: 224426.
CVSS Score
6.5
EPSS Score
0.002
Published
2022-04-28
CVE-2022-22443
IBM InfoSphere Information Server 11.7 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: 224440.
CVSS Score
5.4
EPSS Score
0.002
Published
2022-04-28
CVE-2021-38952
IBM InfoSphere Information Server 11.7 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: 211408.
CVSS Score
5.4
EPSS Score
0.002
Published
2022-04-28
CVE-2021-38887
IBM InfoSphere Information Server 11.7 could allow an authenticated user to obtain sensitive information from application response requests that could be used in further attacks against the system. IBM X-Force ID: 209401.
CVSS Score
4.3
EPSS Score
0.002
Published
2021-11-10
CVE-2021-29737
IBM InfoSphere Data Flow Designer Engine (IBM InfoSphere Information Server 11.7 ) component has improper validation of the REST API server certificate. IBM X-Force ID: 201301.
CVSS Score
5.9
EPSS Score
0.001
Published
2021-11-02
CVE-2021-29738
IBM InfoSphere Data Flow Designer (IBM InfoSphere Information Server 11.7 ) is vulnerable to server-side request forgery (SSRF). This may allow an authenticated attacker to send unauthorized requests from the system, potentially leading to network enumeration or facilitating other attacks. IBM X-Force ID: 201302.
CVSS Score
5.4
EPSS Score
0.002
Published
2021-11-02
CVE-2021-29771
IBM InfoSphere Information Server 11.7 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session.
CVSS Score
5.4
EPSS Score
0.003
Published
2021-11-02
CVE-2021-29875
IBM InfoSphere Information Server 11.7 could allow an attacker to obtain sensitive information due to a insecure third party domain access vulnerability. IBM X-Force ID: 206572.
CVSS Score
5.9
EPSS Score
0.003
Published
2021-11-02


Products
Pricing
Contact Us

Shodan ® - All rights reserved