11.7

DATE	CVE	VULNERABILITY TITLE	RISK
2025-01-24	CVE-2024-40706	Exposure of System Data to an Unauthorized Control Sphere vulnerability in IBM Infosphere Information Server 11.7 IBM InfoSphere Information Server 11.7 could allow a remote user to obtain sensitive version information that could aid in further attacks against the system. network low complexity ibm CWE-497	4.3
2025-01-17	CVE-2024-52363	Path Traversal vulnerability in IBM Infosphere Information Server 11.7 IBM InfoSphere Information Server 11.7 could allow a remote attacker to traverse directories on the system. network low complexity ibm CWE-22	7.5
2024-12-12	CVE-2024-52901	Improper Validation of Specified Quantity in Input vulnerability in IBM Infosphere Information Server 11.7 IBM InfoSphere Information Server 11.7 could allow an authenticated user to GUI to not load or stop working due to improper input validation. network low complexity ibm CWE-1284	6.5
2024-12-11	CVE-2023-23472	Exposure of System Data to an Unauthorized Control Sphere vulnerability in IBM Infosphere Information Server 11.7 IBM InfoSphere DataStage Flow Designer (InfoSphere Information Server 11.7) could allow an authenticated user to obtain sensitive information that could aid in further attacks against the system. network low complexity ibm CWE-497	6.5
2024-12-11	CVE-2024-51460	Information Exposure Through an Error Message vulnerability in IBM Infosphere Information Server 11.7 IBM InfoSphere Information Server 11.7 could allow an authenticated user to obtain sensitive information when a detailed technical error message is returned in a stack trace. network low complexity ibm CWE-209	4.3
2024-08-15	CVE-2024-40704	Insufficiently Protected Credentials vulnerability in IBM Infosphere Information Server 11.7/11.7.0.1/11.7.0.2 IBM InfoSphere Information Server 11.7 could allow a privileged user to obtain sensitive information from authentication request headers. network low complexity ibm CWE-522	4.9
2024-08-15	CVE-2024-40705	Unspecified vulnerability in IBM Infosphere Information Server 11.7/11.7.0.1/11.7.0.2 IBM InfoSphere Information Server could allow an authenticated user to consume file space resources due to unrestricted file uploads. network low complexity ibm	6.5
2024-08-06	CVE-2024-39751	Information Exposure Through an Error Message vulnerability in IBM Infosphere Information Server 11.7 IBM InfoSphere Information Server 11.7 could allow a remote attacker to obtain sensitive information when a detailed technical error message is returned in the browser. network low complexity ibm CWE-209	4.3
2024-07-26	CVE-2024-40689	Unspecified vulnerability in IBM products IBM InfoSphere Information Server 11.7 is vulnerable to SQL injection. network low complexity ibm critical	9.8
2024-07-24	CVE-2024-37533	Unspecified vulnerability in IBM Infosphere Information Server 11.7 IBM InfoSphere Information Server 11.7 could disclose sensitive user information to another user with physical access to the machine. low complexity ibm	4.6