Vulnerabilities > IBM > Infosphere Information Server > 11.7
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2023-02-17 | CVE-2023-24960 | Path Traversal vulnerability in IBM Infosphere Information Server 11.7 IBM InfoSphere Information Server 11.7 could allow a remote attacker to traverse directories on the system. | 7.5 |
| 2023-02-17 | CVE-2023-24964 | Cleartext Storage of Sensitive Information vulnerability in IBM Infosphere Information Server 11.7 IBM InfoSphere Information Server 11.7 could allow a local user to obtain sensitive information from a log files. | 5.5 |
| 2023-02-08 | CVE-2023-23475 | Cross-site Scripting vulnerability in IBM Infosphere Information Server 11.7 IBM Infosphere Information Server 11.7 is vulnerable to cross-site scripting. | 4.6 |
| 2023-02-01 | CVE-2022-47983 | Cross-site Scripting vulnerability in IBM Infosphere Information Server 11.7 IBM InfoSphere Information Server 11.7 is vulnerable to cross-site scripting. | 5.4 |
| 2023-01-20 | CVE-2022-41733 | Improper Input Validation vulnerability in IBM Infosphere Information Server IBM InfoSphere Information Server 11.7 could allow a remote attacked to cause some of the components to be unusable until the process is restarted. | 5.3 |
| 2022-11-16 | CVE-2022-40752 | Command Injection vulnerability in IBM products IBM InfoSphere DataStage 11.7 is vulnerable to a command injection vulnerability due to improper neutralization of special elements. | 9.8 |
| 2022-11-15 | CVE-2022-40753 | Cross-site Scripting vulnerability in IBM Infosphere Information Server 11.7 IBM InfoSphere Information Server 11.7 is vulnerable to cross-site scripting. | 5.4 |
| 2022-11-03 | CVE-2022-22425 | Improper Neutralization of Formula Elements in a CSV File vulnerability in IBM Infosphere Information Server 11.7 "IBM InfoSphere Information Server 11.7 is potentially vulnerable to CSV Injection. | 9.8 |
| 2022-11-03 | CVE-2022-22442 | Unspecified vulnerability in IBM products "IBM InfoSphere Information Server 11.7 could allow an authenticated user to access information restricted to users with elevated privileges due to improper access controls. | 6.5 |
| 2022-11-03 | CVE-2022-30608 | Cross-Site Request Forgery (CSRF) vulnerability in IBM Infosphere Information Server 11.7 "IBM InfoSphere Information Server 11.7 is vulnerable to cross-site request forgery which could allow an attacker to execute malicious and unauthorized actions transmitted from a "user that the website trusts. | 8.8 |