Vulnerabilities (CVE)

Filtered by vendor Ibm Subscribe
Filtered by product Infosphere Information Server
Total 156 CVE
CVE Vendors Products Updated CVSS v2 CVSS v3
CVE-2025-1499 1 Ibm 2 Infosphere Information Server, Infosphere Information Server On Cloud 2025-06-09 N/A 6.5 MEDIUM
IBM InfoSphere Information Server 11.7 stores credential information for database authentication in a cleartext parameter file that could be viewed by an authenticated user.
CVE-2025-1138 1 Ibm 2 Infosphere Information Server, Infosphere Information Server On Cloud 2025-06-04 N/A 4.3 MEDIUM
IBM InfoSphere Information Server 11.7 could disclose sensitive information to an authenticated user that could aid in further attacks against the system through a directory listing.
CVE-2022-40748 3 Ibm, Linux, Microsoft 4 Aix, Infosphere Information Server, Linux Kernel and 1 more 2025-05-22 N/A 5.4 MEDIUM
IBM InfoSphere Information Server 11.7 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: 236586.
CVE-2022-40747 3 Ibm, Linux, Microsoft 4 Aix, Infosphere Information Server, Linux Kernel and 1 more 2025-05-05 N/A 9.1 CRITICAL
"IBM InfoSphere Information Server 11.7 is vulnerable to an XML External Entity Injection (XXE) attack when processing XML data. A remote attacker could exploit this vulnerability to expose sensitive information or consume memory resources. IBM X-Force ID: 236584."
CVE-2022-30615 3 Ibm, Linux, Microsoft 4 Aix, Infosphere Information Server, Linux Kernel and 1 more 2025-05-05 N/A 5.4 MEDIUM
"IBM InfoSphere Information Server 11.7 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: 227592.
CVE-2022-30608 3 Ibm, Linux, Microsoft 4 Aix, Infosphere Information Server, Linux Kernel and 1 more 2025-05-05 N/A 8.8 HIGH
"IBM InfoSphere Information Server 11.7 is vulnerable to cross-site request forgery which could allow an attacker to execute malicious and unauthorized actions transmitted from a "user that the website trusts. IBM X-Force ID: 227295.
CVE-2022-22442 3 Ibm, Linux, Microsoft 5 Aix, Infosphere Information Server, Infosphere Information Server On Cloud and 2 more 2025-05-05 N/A 6.5 MEDIUM
"IBM InfoSphere Information Server 11.7 could allow an authenticated user to access information restricted to users with elevated privileges due to improper access controls. IBM X-Force ID: 224427."
CVE-2022-22425 3 Ibm, Linux, Microsoft 4 Aix, Infosphere Information Server, Linux Kernel and 1 more 2025-05-05 N/A 9.8 CRITICAL
"IBM InfoSphere Information Server 11.7 is potentially vulnerable to CSV Injection. A remote attacker could execute arbitrary commands on the system, caused by improper validation of csv file contents. IBM X-Force ID: 223598."
CVE-2022-40235 3 Ibm, Linux, Microsoft 4 Aix, Infosphere Information Server, Linux Kernel and 1 more 2025-05-02 N/A 6.5 MEDIUM
"IBM InfoSphere Information Server 11.7 could allow a user to cause a denial of service by removing the ability to run jobs due to improper input validation. IBM X-Force ID: 235725."
CVE-2022-35717 3 Ibm, Linux, Microsoft 4 Aix, Infosphere Information Server, Linux Kernel and 1 more 2025-05-02 N/A 7.8 HIGH
"IBM InfoSphere Information Server 11.7 could allow a locally authenticated attacker to execute arbitrary commands on the system by sending a specially crafted request. IBM X-"Force ID: 231361.
CVE-2022-35642 3 Ibm, Linux, Microsoft 4 Aix, Infosphere Information Server, Linux Kernel and 1 more 2025-05-02 N/A 5.4 MEDIUM
"IBM InfoSphere Information Server 11.7 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: 227592."
CVE-2015-7493 1 Ibm 1 Infosphere Information Server 2025-04-20 1.9 LOW 4.7 MEDIUM
IBM InfoSphere Information Server could allow a local user under special circumstances to execute commands during installation processes that could expose sensitive information.
CVE-2017-1321 1 Ibm 2 Infosphere Information Server, Infosphere Information Server On Cloud 2025-04-20 4.3 MEDIUM 6.1 MEDIUM
IBM InfoSphere Information Server 9.1, 11.3, and 11.5 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: 125916.
CVE-2017-1467 1 Ibm 2 Infosphere Information Server, Softlayer 2025-04-20 6.8 MEDIUM 8.1 HIGH
A network layer security vulnerability in InfoSphere Information Server 9.1, 11.3, and 11.5 can lead to privilege escalation or unauthorized access. IBM X-Force ID: 128466.
CVE-2016-5984 1 Ibm 2 Infosphere Information Server, Infosphere Information Server On Cloud 2025-04-20 4.3 MEDIUM 6.1 MEDIUM
IBM InfoSphere Information Server is vulnerable to cross-frame scripting, caused by insufficient HTML iframe protection. A remote attacker could exploit this vulnerability using a specially-crafted URL to navigate to a web page the attacker controls. An attacker could use this vulnerability to conduct clickjacking or other client-side browser attacks.
CVE-2016-8999 1 Ibm 3 Infosphere Datastage, Infosphere Information Server, Infosphere Information Server On Cloud 2025-04-20 3.5 LOW 5.4 MEDIUM
IBM InfoSphere Information Server contains a Path-relative stylesheet import vulnerability that allows attackers to render a page in quirks mode thereby facilitating an attacker to inject malicious CSS.
CVE-2017-1469 1 Ibm 1 Infosphere Information Server 2025-04-20 4.6 MEDIUM 7.8 HIGH
IBM InfoSphere Information Server 9.1, 11.3, and 11.5 could allow a local user to gain elevated privileges by placing arbitrary files in installation directories. IBM X-Force ID: 128468.
CVE-2017-1495 1 Ibm 1 Infosphere Information Server 2025-04-20 4.0 MEDIUM 4.9 MEDIUM
IBM InfoSphere Information Server 9.1, 11.3, and 11.5 could allow a privileged user to cause a memory dump that could contain highly sensitive information including access credentials. IBM X-Force ID: 128693.
CVE-2017-1468 1 Ibm 2 Infosphere Information Server, Softlayer 2025-04-20 4.6 MEDIUM 7.8 HIGH
IBM InfoSphere Information Server 9.1, 11.3, and 11.5 could allow a local user to gain elevated privileges by placing arbitrary files in installation directories. IBM X-force ID: 128467.
CVE-2017-1383 1 Ibm 2 Infosphere Information Server, Softlayer 2025-04-20 6.4 MEDIUM 9.1 CRITICAL
IBM InfoSphere Information Server 9.1, 11.3, and 11.5 is vulnerable to a XML External Entity Injection (XXE) attack when processing XML data. A remote attacker could exploit this vulnerability to expose sensitive information or consume memory resources. IBM X-Force ID: 127155.