Vulnerabilities > IBM > Infosphere Information Server

DATE CVE VULNERABILITY TITLE RISK
2023-02-21 CVE-2023-25928 Cross-site Scripting vulnerability in IBM Infosphere Information Server 11.7
IBM InfoSphere Information Server 11.7 is vulnerable to cross-site scripting.
network
low complexity
ibm CWE-79
5.4
5.4
2023-02-17 CVE-2023-24960 Path Traversal vulnerability in IBM Infosphere Information Server 11.7
IBM InfoSphere Information Server 11.7 could allow a remote attacker to traverse directories on the system.
network
low complexity
ibm CWE-22
7.5
7.5
2023-02-17 CVE-2023-24964 Cleartext Storage of Sensitive Information vulnerability in IBM Infosphere Information Server 11.7
IBM InfoSphere Information Server 11.7 could allow a local user to obtain sensitive information from a log files.
local
low complexity
ibm CWE-312
5.5
5.5
2023-02-08 CVE-2023-23475 Cross-site Scripting vulnerability in IBM Infosphere Information Server 11.7
IBM Infosphere Information Server 11.7 is vulnerable to cross-site scripting.
network
low complexity
ibm CWE-79
4.6
4.6
2023-02-01 CVE-2022-47983 Cross-site Scripting vulnerability in IBM Infosphere Information Server 11.7
IBM InfoSphere Information Server 11.7 is vulnerable to cross-site scripting.
network
low complexity
ibm CWE-79
5.4
5.4
2023-01-20 CVE-2022-41733 Improper Input Validation vulnerability in IBM Infosphere Information Server
IBM InfoSphere Information Server 11.7 could allow a remote attacked to cause some of the components to be unusable until the process is restarted.
network
low complexity
ibm CWE-20
5.3
5.3
2022-11-16 CVE-2022-40752 Command Injection vulnerability in IBM products
IBM InfoSphere DataStage 11.7 is vulnerable to a command injection vulnerability due to improper neutralization of special elements.
network
low complexity
ibm CWE-77
critical
 9.8
9.8
2022-11-15 CVE-2022-40753 Cross-site Scripting vulnerability in IBM Infosphere Information Server 11.7
IBM InfoSphere Information Server 11.7 is vulnerable to cross-site scripting.
network
low complexity
ibm CWE-79
5.4
5.4
2022-11-03 CVE-2022-22425 Improper Neutralization of Formula Elements in a CSV File vulnerability in IBM Infosphere Information Server 11.7
"IBM InfoSphere Information Server 11.7 is potentially vulnerable to CSV Injection.
network
low complexity
ibm CWE-1236
critical
 9.8
9.8
2022-11-03 CVE-2022-22442 Unspecified vulnerability in IBM products
"IBM InfoSphere Information Server 11.7 could allow an authenticated user to access information restricted to users with elevated privileges due to improper access controls.
network
low complexity
ibm
6.5
6.5