Vulnerabilities > IBM > Infosphere Information Server > 11.5

DATE CVE VULNERABILITY TITLE RISK
2023-01-20 CVE-2022-41733 Improper Input Validation vulnerability in IBM Infosphere Information Server
IBM InfoSphere Information Server 11.7 could allow a remote attacked to cause some of the components to be unusable until the process is restarted.
network
low complexity
ibm CWE-20
5.3
2020-10-12 CVE-2020-4741 Cross-site Scripting vulnerability in IBM Infosphere Information Server 11.5/11.7
IBM InfoSphere Information Server 11.5 and 11.7 is vulnerable to stored cross-site scripting.
network
ibm CWE-79
3.5
2020-10-12 CVE-2020-4740 Injection vulnerability in IBM Infosphere Information Server 11.5/11.7
IBM InfoSphere Information Server 11.5 and 11.7 is vulnerable to HTML injection.
4.3
2020-04-16 CVE-2020-4347 Improper Privilege Management vulnerability in IBM Infosphere Information Server 11.3/11.5/11.7
IBM InfoSphere Information Server 11.3, 11.5, and 11.7 could be subject to attacks based on privilege escalation due to inappropriate file permissions for files used by WebSphere Application Server Network Deployment.
network
low complexity
ibm CWE-269
7.5
2020-03-10 CVE-2020-4162 Cross-site Scripting vulnerability in IBM Infosphere Information Server 11.5/11.7
IBM InfoSphere Information Server 11.5 and 11.7 is vulnerable to cross-site scripting.
network
ibm CWE-79
3.5
2019-07-01 CVE-2019-4237 Cross-site Scripting vulnerability in IBM products
A Cross-Frame Scripting vulnerability in IBM InfoSphere Information Server 11.3, 11.5, and 11.7 can allow an attacker to load the vulnerable application inside an HTML iframe tag on a malicious page.
network
low complexity
ibm CWE-79
5.4
2019-06-17 CVE-2018-1845 XXE vulnerability in IBM products
IBM InfoSphere Information Server 11.3, 11.5, and 11.7 is vulnerable to a XML External Entity Injection (XXE) attack when processing XML data.
network
low complexity
ibm CWE-611
7.1
2019-04-25 CVE-2019-4238 Cross-site Scripting vulnerability in IBM products
IBM InfoSphere Information Server 11.3, 11.5, and 11.7 is vulnerable to cross-site scripting.
network
low complexity
ibm CWE-79
5.4
2019-04-02 CVE-2018-1917 Information Exposure vulnerability in IBM products
IBM InfoSphere Information Server 11.3, 11.5, and 11.7 could allow an authenticated user to access JSP files and disclose sensitive information.
network
low complexity
ibm CWE-200
4.0
2019-04-02 CVE-2018-1906 Unspecified vulnerability in IBM products
IBM InfoSphere Information Server 11.3, 11.5, and 11.7could allow an authenticated user to download code using a specially crafted HTTP request.
network
low complexity
ibm
4.0