Vulnerabilities > IBM > Infosphere Information Server

DATE CVE VULNERABILITY TITLE RISK
2021-04-05 CVE-2020-4997 Cross-site Scripting vulnerability in IBM Infosphere Information Server 11.7
IBM InfoSphere Information Server 11.7 is vulnerable to cross-site scripting.
network
low complexity
ibm CWE-79
5.4
2021-01-26 CVE-2020-27583 Deserialization of Untrusted Data vulnerability in IBM Infosphere Information Server 8.5
IBM InfoSphere Information Server 8.5.0.0 is affected by deserialization of untrusted data which could allow remote unauthenticated attackers to execute arbitrary code.
network
low complexity
ibm CWE-502
critical
9.8
2020-11-13 CVE-2020-4886 Insecure Storage of Sensitive Information vulnerability in IBM Infosphere Information Server 11.7
IBM InfoSphere Information Server 11.7 stores sensitive information in the browser's history that could be obtained by a user who has access to the same system.
local
low complexity
ibm CWE-922
3.3
2020-10-12 CVE-2020-4741 Cross-site Scripting vulnerability in IBM Infosphere Information Server 11.5/11.7
IBM InfoSphere Information Server 11.5 and 11.7 is vulnerable to stored cross-site scripting.
network
low complexity
ibm CWE-79
5.4
2020-10-12 CVE-2020-4740 Cross-site Scripting vulnerability in IBM Infosphere Information Server 11.5/11.7
IBM InfoSphere Information Server 11.5 and 11.7 is vulnerable to HTML injection.
low complexity
ibm CWE-79
5.2
2020-09-25 CVE-2020-4727 Improper Restriction of Rendered UI Layers or Frames vulnerability in IBM Infosphere Information Server 11.7
IBM InfoSphere Information Server 11.7 could allow a remote attacker to hijack the clicking action of the victim.
network
low complexity
ibm CWE-1021
6.1
2020-09-04 CVE-2020-4702 Cross-site Scripting vulnerability in IBM Infosphere Information Server 11.7
IBM InfoSphere Information Server 11.7 is vulnerable to stored cross-site scripting.
network
low complexity
ibm CWE-79
5.4
2020-07-09 CVE-2020-4305 Deserialization of Untrusted Data vulnerability in IBM products
IBM InfoSphere Information Server 11.3, 11.5, and 11.7 could allow a remote attacker to execute arbitrary code on the system, caused by the deserialization of untrusted data.
network
low complexity
ibm CWE-502
8.8
2020-05-19 CVE-2020-4298 Cross-site Scripting vulnerability in IBM products
IBM InfoSphere Information Server 11.3, 11.5, and 11.7 is vulnerable to cross-site scripting.
network
low complexity
ibm CWE-79
5.4
2020-05-19 CVE-2020-4286 Cross-Site Request Forgery (CSRF) vulnerability in IBM products
IBM InfoSphere Information Server 11.3, 11.5, and 11.7 is vulnerable to cross-site request forgery which could allow an attacker to execute malicious and unauthorized actions transmitted from a user that the website trusts.
network
low complexity
ibm CWE-352
6.5