NotCVE - vendor:"Ibm" product:"Infosphere Information Server" version:"

Page 18 of 147 results (0.006 seconds)

CVSS: 6.5EPSS: 0%CPEs: 3EXPL: 0

CVE-2012-4818

https://notcve.org/view.php?id=CVE-2012-4818

IBM InfoSphere Information Server 8.1, 8.5, and 8,7 could allow a remote authenticated attacker to obtain sensitive information, caused by improper restrictions on directories. An attacker could exploit this vulnerability via the DataStage application to load or import content functionality to view arbitrary files on the system. IBM InfoSphere Information Server versiones 8.1, 8.5 y 8.7, podría permitir a un atacante remoto autenticado obtener información sensible, causada por restricciones inapropiadas en los directorios. Un atacante podría explotar esta vulnerabilidad por medio de la aplicación DataStage para cargar o importar funcionalidad de contenido para ver archivos arbitrarios en el sistema • https://exchange.xforce.ibmcloud.com/vulnerabilities/78651 https://www.ibm.com/blogs/psirt/security-bulletin-lack-of-path-restriction-may-allow-access-to-sensitive-data-stored-on-ibm-infosphere-information-server-cve-2012-4818/?lnk=hm •

CVSS: 9.3EPSS: 1%CPEs: 5EXPL: 0

CVE-2020-4305

https://notcve.org/view.php?id=CVE-2020-4305

IBM InfoSphere Information Server 11.3, 11.5, and 11.7 could allow a remote attacker to execute arbitrary code on the system, caused by the deserialization of untrusted data. By persuading a victim to visit a specially crafted Web site, an attacker could exploit this vulnerability to execute arbitrary code on the system. IBM X-Force ID: 176677. IBM InfoSphere Information Server versiones 11.3, 11.5 y 11.7, podría permitir a un atacante remoto ejecutar código arbitrario en el sistema, causado por la deserialización de datos no confiables. Al persuadir a una víctima para que visite un sitio web especialmente diseñado, un atacante podría aprovechar esta vulnerabilidad para ejecutar código arbitrario en el sistema. • https://exchange.xforce.ibmcloud.com/vulnerabilities/176677 https://www.ibm.com/support/pages/node/6244664 • CWE-502: Deserialization of Untrusted Data •

CVSS: 5.4EPSS: 0%CPEs: 3EXPL: 0

CVE-2020-4298

https://notcve.org/view.php?id=CVE-2020-4298

IBM InfoSphere Information Server 11.3, 11.5, and 11.7 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: 176475. IBM InfoSphere Information Server versiones 11.3, 11.5 y 11.7, es vulnerable a un ataque de tipo cross-site scripting. Esta vulnerabilidad permite a usuarios insertar código JavaScript arbitrario en la Interfaz de Usuario Web, alterando así la funcionalidad prevista conllevando potencialmente a una divulgación de credenciales dentro de una sesión confiable. • https://exchange.xforce.ibmcloud.com/vulnerabilities/176475 https://www.ibm.com/support/pages/node/6194775 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •

CVSS: 6.5EPSS: 0%CPEs: 3EXPL: 0

CVE-2020-4286

https://notcve.org/view.php?id=CVE-2020-4286

IBM InfoSphere Information Server 11.3, 11.5, and 11.7 is vulnerable to cross-site request forgery which could allow an attacker to execute malicious and unauthorized actions transmitted from a user that the website trusts. IBM X-Force ID: 176268. IBM InfoSphere Information Server versiones 11.3, 11.5 y 11.7, es vulnerable a un ataque de tipo cross-site request forgery, lo que podría permitir a un atacante ejecutar acciones maliciosas y no autorizadas transmitidas desde un usuario en el que el sitio web confía. IBM X-Force ID: 176268. • https://exchange.xforce.ibmcloud.com/vulnerabilities/176268 https://www.ibm.com/support/pages/node/6194751 • CWE-352: Cross-Site Request Forgery (CSRF) •

CVSS: 7.5EPSS: 0%CPEs: 3EXPL: 0

CVE-2020-4347

https://notcve.org/view.php?id=CVE-2020-4347

IBM InfoSphere Information Server 11.3, 11.5, and 11.7 could be subject to attacks based on privilege escalation due to inappropriate file permissions for files used by WebSphere Application Server Network Deployment. IBM X-Force ID: 178412. El IBM InfoSphere Information Server versiones 11.3, 11.5 y 11.7, podría ser objeto de ataques basados en una escalada de privilegios debido a permisos de archivo inapropiados para archivos utilizados por WebSphere Application Server Network Deployment. IBM X-Force ID: 178412. • https://exchange.xforce.ibmcloud.com/vulnerabilities/178412 https://www.ibm.com/support/pages/node/6191679 • CWE-732: Incorrect Permission Assignment for Critical Resource •

1...16 17 18 19 20