Vulnerabilities > IBM > Infosphere Information Server > High
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2024-06-30 | CVE-2024-31902 | Cross-Site Request Forgery (CSRF) vulnerability in IBM Infosphere Information Server 11.7 IBM InfoSphere Information Server 11.7 is vulnerable to cross-site request forgery which could allow an attacker to execute malicious and unauthorized actions transmitted from a user that the website trusts. | 8.8 |
| 2023-12-01 | CVE-2023-40699 | Unspecified vulnerability in IBM Infosphere Information Server 11.7.1 IBM InfoSphere Information Server 11.7 could allow a remote attacker to cause a denial of service due to improper input validation. | 7.5 |
| 2023-12-01 | CVE-2023-38268 | Cross-Site Request Forgery (CSRF) vulnerability in IBM Infosphere Information Server 11.7.1 IBM InfoSphere Information Server 11.7 is vulnerable to cross-site request forgery which could allow an attacker to execute malicious and unauthorized actions transmitted from a user that the website trusts. | 8.8 |
| 2023-08-28 | CVE-2023-22877 | Improper Neutralization of Formula Elements in a CSV File vulnerability in IBM Infosphere Information Server 11.7.1 IBM InfoSphere Information Server 11.7 is potentially vulnerable to CSV Injection. | 8.8 |
| 2023-08-28 | CVE-2023-23473 | Cross-Site Request Forgery (CSRF) vulnerability in IBM Infosphere Information Server 11.7.1 IBM InfoSphere Information Server 11.7 is vulnerable to cross-site request forgery which could allow an attacker to execute malicious and unauthorized actions transmitted from a user that the website trusts. | 8.8 |
| 2023-08-28 | CVE-2023-24959 | Unspecified vulnerability in IBM Infosphere Information Server 11.7.1 IBM InfoSphere Information Systems 11.7 could expose information about the host system and environment configuration. | 7.5 |
| 2023-04-29 | CVE-2023-30441 | Unspecified vulnerability in IBM products IBM Runtime Environment, Java Technology Edition IBMJCEPlus and JSSE 8.0.7.0 through 8.0.7.11 components could expose sensitive information using a combination of flaws and configurations. | 7.5 |
| 2023-02-17 | CVE-2023-24960 | Path Traversal vulnerability in IBM Infosphere Information Server 11.7 IBM InfoSphere Information Server 11.7 could allow a remote attacker to traverse directories on the system. | 7.5 |
| 2022-11-03 | CVE-2022-30608 | Cross-Site Request Forgery (CSRF) vulnerability in IBM Infosphere Information Server 11.7 "IBM InfoSphere Information Server 11.7 is vulnerable to cross-site request forgery which could allow an attacker to execute malicious and unauthorized actions transmitted from a "user that the website trusts. | 8.8 |
| 2022-11-03 | CVE-2022-35717 | OS Command Injection vulnerability in IBM Infosphere Information Server 11.7 "IBM InfoSphere Information Server 11.7 could allow a locally authenticated attacker to execute arbitrary commands on the system by sending a specially crafted request. | 7.8 |