VYPR

Infosphere Information Server

by IBM

CVEs (196)

  • CVE-2024-40689Jul 26, 2024
    risk 0.00cvss epss 0.01

    IBM InfoSphere Information Server 11.7 is vulnerable to SQL injection. A remote attacker could send specially crafted SQL statements, which could allow the attacker to view, add, modify, or delete information in the back-end database. IBM X-Force ID: 297719.

  • CVE-2024-37533Jul 24, 2024
    risk 0.00cvss epss 0.00

    IBM InfoSphere Information Server 11.7 could disclose sensitive user information to another user with physical access to the machine. IBM X-Force ID: 294727.

  • CVE-2024-40690Jul 12, 2024
    risk 0.00cvss epss 0.00

    IBM InfoSphere Server 11.7 is vulnerable to cross-site scripting. This vulnerability allows an authenticated user to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. …

  • CVE-2023-50964Jun 30, 2024
    risk 0.00cvss epss 0.00

    IBM InfoSphere Information Server 11.7 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM…

  • CVE-2024-28794Jun 30, 2024
    risk 0.00cvss epss 0.00

    IBM InfoSphere Information Server 11.7 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM…

  • CVE-2023-50953Jun 30, 2024
    risk 0.00cvss epss 0.00

    IBM InfoSphere Information Server 11.7 could allow a remote attacker to obtain sensitive information when a detailed technical error message is returned. This information could be used in further attacks against the system. IBM X-Force ID: 275775.

  • CVE-2023-50952Jun 30, 2024
    risk 0.00cvss epss 0.00

    IBM InfoSphere Information Server 11.7 is vulnerable to server-side request forgery (SSRF). This may allow an authenticated attacker to send unauthorized requests from the system, potentially leading to network enumeration or facilitating other attacks. IBM X-Force ID: 275774.

  • CVE-2024-28797Jun 30, 2024
    risk 0.00cvss epss 0.00

    IBM InfoSphere Information Server 11.7 is vulnerable stored to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. …

  • CVE-2024-31898Jun 30, 2024
    risk 0.00cvss epss 0.00

    IBM InfoSphere Information Server 11.7 could allow an authenticated user to read or modify sensitive information by bypassing authentication using insecure direct object references. IBM X-Force ID: 288182.

  • CVE-2023-50954Jun 30, 2024
    risk 0.00cvss epss 0.00

    IBM InfoSphere Information Server 11.7 returns sensitive information in URL information that could be used in further attacks against the system. IBM X-Force ID: 275776.

  • CVE-2024-31902Jun 30, 2024
    risk 0.00cvss epss 0.00

    IBM InfoSphere Information Server 11.7 is vulnerable to cross-site request forgery which could allow an attacker to execute malicious and unauthorized actions transmitted from a user that the website trusts. IBM X-Force ID: 289234.

  • CVE-2024-35119Jun 30, 2024
    risk 0.00cvss epss 0.00

    IBM InfoSphere Information Server 11.7 could allow a remote attacker to obtain sensitive information when a detailed technical error message is returned in a stack trace. This information could be used in further attacks against the system. IBM X-Force ID: 290342.

  • CVE-2024-28798Jun 30, 2024
    risk 0.00cvss epss 0.00

    IBM InfoSphere Information Server 11.7 is vulnerable to stored cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. …

  • CVE-2023-35022Jun 30, 2024
    risk 0.00cvss epss 0.00

    IBM InfoSphere Information Server 11.7 could allow a local user to update projects that they do not have the authorization to access. IBM X-Force ID: 258254.

  • CVE-2024-28795Jun 30, 2024
    risk 0.00cvss epss 0.00

    IBM InfoSphere Information Server 11.7 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM…

  • CVE-2024-22352Mar 5, 2024
    risk 0.00cvss epss 0.01

    IBM InfoSphere Information Server 11.7 stores potentially sensitive information in log files that could be read by a local user. IBM X-Force ID: 280361.

  • CVE-2023-50303Feb 28, 2024
    risk 0.00cvss epss 0.00

    IBM InfoSphere Information Server 11.7 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM…

  • CVE-2023-50955Feb 21, 2024
    risk 0.00cvss epss 0.01

    IBM InfoSphere Information Server 11.7 could allow an authenticated privileged user to obtain the absolute path of the web server installation which could aid in further attacks against the system. IBM X-Force ID: 275777.

  • CVE-2023-33843Feb 21, 2024
    risk 0.00cvss epss 0.00

    IBM InfoSphere Information Server 11.7 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM…

  • CVE-2023-46174Dec 1, 2023
    risk 0.00cvss epss 0.00

    IBM InfoSphere Information Server 11.7 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM…

Page 4 of 10