Note:
This project will be discontinued after December 13, 2021. [more]
Product:
Infosphere_information_server
(Ibm)| Repositories |
Unknown: This might be proprietary software. |
| #Vulnerabilities | 148 |
| Date | Id | Summary | Products | Score | Patch | Annotated |
|---|---|---|---|---|---|---|
| 2020-02-05 | CVE-2013-0507 | IBM InfoSphere Information Server 8.1, 8.5, 8.7, 9.1 has a Session Fixation Vulnerability | Infosphere_information_server | N/A | ||
| 2017-07-12 | CVE-2017-1321 | IBM InfoSphere Information Server 9.1, 11.3, and 11.5 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: 125916. | Infosphere_information_server, Infosphere_information_server_on_cloud | N/A | ||
| 2019-04-02 | CVE-2018-1917 | IBM InfoSphere Information Server 11.3, 11.5, and 11.7 could allow an authenticated user to access JSP files and disclose sensitive information. IBM X-Force ID: 152784. | Infosphere_information_server, Infosphere_information_server_on_cloud | 6.5 | ||
| 2019-04-02 | CVE-2018-1906 | IBM InfoSphere Information Server 11.3, 11.5, and 11.7could allow an authenticated user to download code using a specially crafted HTTP request. IBM X-Force ID: 152663. | Infosphere_information_server, Infosphere_information_server_on_cloud | 6.5 | ||
| 2019-02-15 | CVE-2018-1727 | IBM InfoSphere Information Server 9.1, 11.3, 11.5, and 11.7 is vulnerable to a XML External Entity Injection (XXE) attack when processing XML data. A remote attacker could exploit this vulnerability to expose sensitive information or consume memory resources. IBM X-Force ID: 147630. | Infosphere_information_server | 9.1 | ||
| 2019-02-15 | CVE-2018-1701 | IBM InfoSphere Information Server 11.7 could allow an authenciated user under specialized conditions to inject commands into the installation process that would execute on the WebSphere Application Server. IBM X-Force ID: 145970. | Infosphere_information_server, Infosphere_information_server_on_cloud | 8.5 | ||
| 2018-10-18 | CVE-2018-1518 | IBM InfoSphere Information Server 11.7 is affected by a weak password encryption vulnerability that could allow a local user to obtain highly sensitive information. IBM X-Force ID: 141682. | Infosphere_information_server, Infosphere_information_server_on_cloud | 5.5 | ||
| 2018-06-05 | CVE-2017-1350 | IBM InfoSphere Information Server 9.1, 11.3, 11.5, and 11.7 could allow a user to escalate their privileges to administrator due to improper access controls. IBM X-Force ID: 126526. | Infosphere_information_server | 7.8 | ||
| 2017-08-02 | CVE-2017-1468 | IBM InfoSphere Information Server 9.1, 11.3, and 11.5 could allow a local user to gain elevated privileges by placing arbitrary files in installation directories. IBM X-force ID: 128467. | Infosphere_information_server | 7.8 | ||
| 2017-08-02 | CVE-2017-1467 | A network layer security vulnerability in InfoSphere Information Server 9.1, 11.3, and 11.5 can lead to privilege escalation or unauthorized access. IBM X-Force ID: 128466. | Infosphere_information_server | 8.1 |