Vulnerabilities > IBM > Infosphere Information Server > 11.7
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2018-10-18 | CVE-2018-1518 | Inadequate Encryption Strength vulnerability in IBM products IBM InfoSphere Information Server 11.7 is affected by a weak password encryption vulnerability that could allow a local user to obtain highly sensitive information. | 2.1 |
| 2018-06-05 | CVE-2018-1454 | Cleartext Transmission of Sensitive Information vulnerability in IBM Infosphere Information Server 11.3/11.5/11.7 IBM InfoSphere Information Server 11.3, 11.5, and 11.7 could allow a remote attacker to obtain sensitive information, caused by the failure to properly enable HTTP Strict Transport Security. | 4.3 |
| 2018-06-05 | CVE-2018-1432 | Cross-Site Request Forgery (CSRF) vulnerability in IBM Infosphere Information Server IBM InfoSphere Information Server 9.1, 11.3, 11.5, and 11.7 is vulnerable to cross-frame scripting which is a vulnerability that allows an attacker to load Information Server components inside an HTML iframe tag on a malicious page. | 4.3 |
| 2018-06-05 | CVE-2017-1350 | Unspecified vulnerability in IBM Infosphere Information Server IBM InfoSphere Information Server 9.1, 11.3, 11.5, and 11.7 could allow a user to escalate their privileges to administrator due to improper access controls. | 7.2 |