Vulnerabilities > IBM > Infosphere Information Server > Low

DATE CVE VULNERABILITY TITLE RISK
2024-06-30 CVE-2023-35022 Unspecified vulnerability in IBM Infosphere Information Server 11.7
IBM InfoSphere Information Server 11.7 could allow a local user to update projects that they do not have the authorization to access.
local
low complexity
ibm
3.3
2024-02-21 CVE-2023-50955 Path Traversal vulnerability in IBM Infosphere Information Server 11.7
IBM InfoSphere Information Server 11.7 could allow an authenticated privileged user to obtain the absolute path of the web server installation which could aid in further attacks against the system.
network
low complexity
ibm CWE-22
2.7
2020-11-13 CVE-2020-4886 Insecure Storage of Sensitive Information vulnerability in IBM Infosphere Information Server 11.7
IBM InfoSphere Information Server 11.7 stores sensitive information in the browser's history that could be obtained by a user who has access to the same system.
local
low complexity
ibm CWE-922
3.3
2016-03-03 CVE-2015-7490 Improper Access Control vulnerability in IBM Infosphere Information Server
IBM InfoSphere Information Server 8.5 through FP3, 8.7 through FP2, 9.1 through 9.1.2.0, 11.3 through 11.3.1.2, and 11.5 allows remote authenticated users to bypass intended access restrictions via a modified cookie.
network
high complexity
ibm CWE-284
3.1