Ibm: >> Infosphere Information Server Security Vulnerabilities
IBM InfoSphere Information Server 11.7 stores credential information for database authentication in a cleartext parameter file that could be viewed by an authenticated user.
CVSS Score
6.5
EPSS Score
0.0
Published
2025-06-01
IBM InfoSphere Information Server 11.7 could disclose sensitive information to an authenticated user that could aid in further attacks against the system through a directory listing.
CVSS Score
4.3
EPSS Score
0.0
Published
2025-05-15
IBM InfoSphere Information Server 11.7 could allow a remote user to obtain sensitive version information that could aid in further attacks against the system.
CVSS Score
5.3
EPSS Score
0.0
Published
2025-01-24
IBM InfoSphere Information Server 11.7 could allow a remote attacker to traverse directories on the system. An attacker could send a specially crafted URL request containing "dot dot" sequences (/../) to view arbitrary files on the system.
CVSS Score
6.5
EPSS Score
0.001
Published
2025-01-17
IBM InfoSphere Information Server 11.7 could allow a remote attacker to hijack the clicking action of the victim. By persuading a victim to visit a malicious Web site, a remote attacker could exploit this vulnerability to hijack the victim's click actions and possibly launch further attacks against the victim.
CVSS Score
5.2
EPSS Score
0.001
Published
2024-12-19
IBM InfoSphere Information Server 11.7 could allow an authenticated user to GUI to not load or stop working due to improper input validation.
CVSS Score
6.5
EPSS Score
0.001
Published
2024-12-12
IBM InfoSphere Information Server 11.7 could allow an authenticated user to obtain sensitive information when a detailed technical error message is returned in a stack trace. This information could be used in further attacks against the system.
CVSS Score
4.3
EPSS Score
0.0
Published
2024-12-11
IBM InfoSphere DataStage Flow Designer (InfoSphere Information Server 11.7) could allow an authenticated user to obtain sensitive information that could aid in further attacks against the system.
CVSS Score
3.1
EPSS Score
0.001
Published
2024-12-11
IBM InfoSphere Information Server 11.7 could allow a privileged user to obtain sensitive information from authentication request headers. IBM X-Force ID: 298277.
CVSS Score
4.9
EPSS Score
0.001
Published
2024-08-15
IBM InfoSphere Information Server could allow an authenticated user to consume file space resources due to unrestricted file uploads. IBM X-Force ID: 298279.
CVSS Score
6.5
EPSS Score
0.002
Published
2024-08-15
Page 1