Vulnerabilities > IBM > Infosphere Information Server > Medium

DATE CVE VULNERABILITY TITLE RISK
2023-12-01 CVE-2023-42022 Unspecified vulnerability in IBM Infosphere Information Server 11.7.1
IBM InfoSphere Information Server 11.7 is vulnerable to cross-site scripting.
network
low complexity
ibm
5.4
2023-12-01 CVE-2023-43021 Unspecified vulnerability in IBM Infosphere Information Server 11.7.1
IBM InfoSphere Information Server 11.7 could allow a remote attacker to obtain sensitive information when a detailed technical error message is returned in the browser.
network
low complexity
ibm
5.3
2023-12-01 CVE-2023-46174 Unspecified vulnerability in IBM Infosphere Information Server 11.7.1
IBM InfoSphere Information Server 11.7 is vulnerable to cross-site scripting.
network
low complexity
ibm
5.4
2023-12-01 CVE-2023-43015 Unspecified vulnerability in IBM Infosphere Information Server 11.7.1
IBM InfoSphere Information Server 11.7 is vulnerable to cross-site scripting.
network
low complexity
ibm
5.4
2023-11-18 CVE-2023-40363 Incorrect Default Permissions vulnerability in IBM Infosphere Information Server 11.7
IBM InfoSphere Information Server 11.7 could allow an authenticated user to change installation files due to incorrect file permission settings.
network
low complexity
ibm CWE-276
6.5
2023-07-19 CVE-2023-35898 Unspecified vulnerability in IBM Infosphere Information Server 11.7
IBM InfoSphere Information Server 11.7 could allow an authenticated user to obtain sensitive information due to an insecure security configuration in InfoSphere Data Flow Designer.
network
low complexity
ibm
6.5
2023-07-17 CVE-2023-33857 Unspecified vulnerability in IBM Infosphere Information Server 11.7
IBM InfoSphere Information Server 11.7 could allow a remote attacker to obtain system information using a specially crafted query that could aid in further attacks against the system.
network
low complexity
ibm
5.3
2023-05-19 CVE-2023-22878 Cleartext Storage of Sensitive Information vulnerability in IBM Infosphere Information Server 11.7
IBM InfoSphere Information Server 11.7 stores user credentials in plain clear text which can be read by a local user.
local
low complexity
ibm CWE-312
5.5
2023-05-19 CVE-2023-28529 Unspecified vulnerability in IBM Infosphere Information Server 11.7
IBM InfoSphere Information Server 11.7 is vulnerable to stored cross-site scripting.
network
low complexity
ibm
5.4
2023-02-21 CVE-2023-25928 Unspecified vulnerability in IBM Infosphere Information Server 11.7
IBM InfoSphere Information Server 11.7 is vulnerable to cross-site scripting.
network
low complexity
ibm
5.4