CVSS: 5.3EPSS: 0%CPEs: 3EXPL: 0CVE-2022-41733 – IBM InfoSphere Information Server denial of service
https://notcve.org/view.php?id=CVE-2022-41733
IBM InfoSphere Information Server 11.7 could allow a remote attacked to cause some of the components to be unusable until the process is restarted. IBM X-Force ID: 237583. IBM InfoSphere Information Server 11.7 podría permitir que un ataque remoto provoque que algunos de los componentes queden inutilizables hasta que se reinicie el proceso. ID de IBM X-Force: 237583. • https://exchange.xforce.ibmcloud.com/vulnerabilities/237583 https://www.ibm.com/support/pages/node/6840399 • CWE-20: Improper Input Validation •
CVSS: 9.8EPSS: 0%CPEs: 5EXPL: 0CVE-2022-40752
https://notcve.org/view.php?id=CVE-2022-40752
IBM InfoSphere DataStage 11.7 is vulnerable to a command injection vulnerability due to improper neutralization of special elements. IBM X-Force ID: 236687. IBM InfoSphere DataStage 11.7 es vulnerable a una vulnerabilidad de inyección de comandos debido a una neutralización inadecuada de elementos especiales. ID de IBM X-Force: 236687. • https://exchange.xforce.ibmcloud.com/vulnerabilities/236687 https://www.ibm.com/support/pages/node/6833566 • CWE-77: Improper Neutralization of Special Elements used in a Command ('Command Injection') •
CVSS: 5.4EPSS: 0%CPEs: 4EXPL: 0CVE-2022-40753 – IBM InfoSphere Information Server cross-site scripting
https://notcve.org/view.php?id=CVE-2022-40753
IBM InfoSphere Information Server 11.7 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: 236688. IBM InfoSphere Information Server 11.7 es vulnerable a Cross-Site Scripting (XSS). Esta vulnerabilidad permite a los usuarios incrustar código JavaScript arbitrario en la interfaz de usuario web, alterando así la funcionalidad prevista, lo que podría conducir a la divulgación de credenciales dentro de una sesión confiable. • https://exchange.xforce.ibmcloud.com/vulnerabilities/236688 https://www.ibm.com/support/pages/node/6830015 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •
CVSS: 5.4EPSS: 0%CPEs: 4EXPL: 0CVE-2022-35642
https://notcve.org/view.php?id=CVE-2022-35642
"IBM InfoSphere Information Server 11.7 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: 227592." "IBM InfoSphere Information Server 11.7 es vulnerable a Cross-Site Scripting (XSS). Esta vulnerabilidad permite a los usuarios incrustar código JavaScript arbitrario en la interfaz de usuario web, alterando así la funcionalidad prevista, lo que podría conducir a la divulgación de credenciales dentro de una sesión confiable. • https://www.ibm.com/support/pages/node/6829311 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •
CVSS: 8.8EPSS: 0%CPEs: 4EXPL: 0CVE-2022-30608
https://notcve.org/view.php?id=CVE-2022-30608
"IBM InfoSphere Information Server 11.7 is vulnerable to cross-site request forgery which could allow an attacker to execute malicious and unauthorized actions transmitted from a "user that the website trusts. IBM X-Force ID: 227295. "IBM InfoSphere Information Server 11.7 es vulnerable a la Cross-Site Request Forgery (CSRF), lo que podría permitir a un atacante ejecutar acciones maliciosas y no autorizadas transmitidas desde un "usuario en el que confía el sitio web". ID de IBM X-Force: 227295. • https://www.ibm.com/support/pages/node/6829335 • CWE-352: Cross-Site Request Forgery (CSRF) •