5 results (0.011 seconds)

CVSS: 5.3EPSS: 0%CPEs: 3EXPL: 0

IBM InfoSphere Information Server 11.7 could allow a remote attacked to cause some of the components to be unusable until the process is restarted. IBM X-Force ID: 237583. IBM InfoSphere Information Server 11.7 podría permitir que un ataque remoto provoque que algunos de los componentes queden inutilizables hasta que se reinicie el proceso. ID de IBM X-Force: 237583. • https://exchange.xforce.ibmcloud.com/vulnerabilities/237583 https://www.ibm.com/support/pages/node/6840399 • CWE-20: Improper Input Validation •

CVSS: 2.1EPSS: 0%CPEs: 5EXPL: 0

IBM InfoSphere Information Server 8.0, 8.1, 8.5, 8.7, and 9.1 allows local users to obtain sensitive information in opportunistic circumstances by leveraging the presence of file content after a failed installation. IBM InfoSphere Information Server 8.0, 8.1, 8.5, 8.7 y 9.1 permite a usuarios locales obtener información sensible en circunstancias oportunistas aprovechando la presencia de archivos despues de una instalación fallida. • http://www-01.ibm.com/support/docview.wss?uid=swg1JR48095 http://www-01.ibm.com/support/docview.wss?uid=swg21659957 https://exchange.xforce.ibmcloud.com/vulnerabilities/87816 • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •

CVSS: 4.3EPSS: 0%CPEs: 8EXPL: 0

IBM InfoSphere Information Server 8.0, 8.1, 8.5 through FP3, 8.7, and 9.1 allows remote attackers to conduct clickjacking attacks by creating an overlay interface on top of the Web Console interface. IBM InfoSphere Information Server v8.0, v8.1, v8.5 hasta FP3, v8.7, y v9.1 permite a atacantes remotos llevar a cabo ataques de phising mediante la creación de un interfaz superpuesto en el interfaz de la consola web. • http://www.ibm.com/support/docview.wss?uid=swg21651343 http://www.securityfocus.com/bid/62767 https://exchange.xforce.ibmcloud.com/vulnerabilities/86597 • CWE-20: Improper Input Validation •

CVSS: 5.8EPSS: 0%CPEs: 8EXPL: 0

IBM InfoSphere Information Server 8.0, 8.1, 8.5 through FP3, 8.7, and 9.1 allows remote attackers to hijack sessions and read cookie values, or conduct phishing attacks to capture credentials, via unspecified vectors. IBM InfoSphere Information Server v8.0, v8.1, v8.5 hasta FP3, v8.7 y v9.1 permite a atacantes remotos secuestrar sesiones y leer valores de cookies, o llevar a acabo ataques de phising para capturar credenciales a través de vectores no especificados. • http://www.ibm.com/support/docview.wss?uid=swg21651343 http://www.securityfocus.com/bid/62768 https://exchange.xforce.ibmcloud.com/vulnerabilities/86598 • CWE-264: Permissions, Privileges, and Access Controls •

CVSS: 3.5EPSS: 0%CPEs: 4EXPL: 0

Cross-site scripting (XSS) vulnerability in IBM InfoSphere Information Server through 8.5 FP3, 8.7 through FP2, and 9.1 allows remote authenticated users to inject arbitrary web script or HTML via vectors related to the web console. Vulnerabilidad Cross-site scripting (XSS) en IBM InfoSphere Information Server hasta v8.5 FP3, v8.7 hasta FP2, y v9.1 permite a usuarios remotos autenticados inyectar secuencias de comandos web o HTML a través de vectores relacionados con la consola web. • http://www-01.ibm.com/support/docview.wss?uid=swg21646136 http://www.securityfocus.com/bid/61757 https://exchange.xforce.ibmcloud.com/vulnerabilities/84646 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •