Ibm: >> Infosphere Streams >> 4.0.1 Security Vulnerabilities
IBM InfoSphere Streams 4.0, 4.1, and 4.2 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: 127632.
CVSS Score
5.4
EPSS Score
0.002
Published
2017-08-10
IBM InfoSphere Streams before 4.0.1.2 and IBM Streams before 4.1.1.1 do not properly implement the runAsUser feature, which allows local users to obtain root group privileges via unspecified vectors.
CVSS Score
7.0
EPSS Score
0.0
Published
2016-07-02