CVE-2017-1350
https://notcve.org/view.php?id=CVE-2017-1350
IBM InfoSphere Information Server 9.1, 11.3, 11.5, and 11.7 could allow a user to escalate their privileges to administrator due to improper access controls. IBM X-Force ID: 126526. IBM InfoSphere Information Server 9.1, 11.3, 11.5 y 11.7 podría permitir que un usuario escale sus privilegios a administrador debido a controles de acceso incorrectos. IBM X-Force ID: 126526. • http://www.ibm.com/support/docview.wss?uid=swg22005503 http://www.securityfocus.com/bid/104550 http://www.securitytracker.com/id/1041042 https://exchange.xforce.ibmcloud.com/vulnerabilities/126526 •
CVE-2017-1469
https://notcve.org/view.php?id=CVE-2017-1469
IBM InfoSphere Information Server 9.1, 11.3, and 11.5 could allow a local user to gain elevated privileges by placing arbitrary files in installation directories. IBM X-Force ID: 128468. IBM InfoSphere Information Server 9.1, 11.3, y 11.5 podría permitir que un usuario local consiga privilegios elevados mediante la colocación de archivos arbitrarios en directorios de instalación. IBM X-Force ID: 128468. • http://www.ibm.com/support/docview.wss?uid=swg22006069 http://www.securityfocus.com/bid/100309 https://exchange.xforce.ibmcloud.com/vulnerabilities/128468 • CWE-94: Improper Control of Generation of Code ('Code Injection') •
CVE-2017-1495 – IBM Infosphere Information Server / Datastage 11.5 Command Execution / Bypass
https://notcve.org/view.php?id=CVE-2017-1495
IBM InfoSphere Information Server 9.1, 11.3, and 11.5 could allow a privileged user to cause a memory dump that could contain highly sensitive information including access credentials. IBM X-Force ID: 128693. IBM InfoSphere Information Server 9.1, 11.3 y 11.5 podría permitir que un usuario con privilegios haga un volcado de memoria que pueda contener información altamente sensible, incluyendo credenciales de acceso. IBM X-Force ID: 128693. IBM Infosphere Information Server / Datastage versions 9.1, 11.3, and 11.5 (including Cloud version 11.5) suffer from bypass, XML external entity injection, DLL side loading, and various other vulnerabilities. • http://www.ibm.com/support/docview.wss?uid=swg22006068 https://exchange.xforce.ibmcloud.com/vulnerabilities/128693 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVE-2017-1383 – IBM Infosphere Information Server / Datastage 11.5 Command Execution / Bypass
https://notcve.org/view.php?id=CVE-2017-1383
IBM InfoSphere Information Server 9.1, 11.3, and 11.5 is vulnerable to a XML External Entity Injection (XXE) attack when processing XML data. A remote attacker could exploit this vulnerability to expose sensitive information or consume memory resources. IBM X-Force ID: 127155. Las versiones 9.1, 11.3 y 11.5 de IBM InfoSphere Information Server son vulnerables a ataques de tipo XML External Entity Injection (XXE) al procesar datos XML. Un atacante remoto podría explotar esta vulnerabilidad para exponer información sensible o consumir recursos de la memoria. • http://www.ibm.com/support/docview.wss?uid=swg22005803 https://exchange.xforce.ibmcloud.com/vulnerabilities/127155 • CWE-611: Improper Restriction of XML External Entity Reference •
CVE-2017-1467 – IBM Infosphere Information Server / Datastage 11.5 Command Execution / Bypass
https://notcve.org/view.php?id=CVE-2017-1467
A network layer security vulnerability in InfoSphere Information Server 9.1, 11.3, and 11.5 can lead to privilege escalation or unauthorized access. IBM X-Force ID: 128466. Una vulnerabilidad de la seguridad en la capa de red en InfoSphere Information Server 9.1, 11.3 y 11.5 permite que se escalen privilegios o un acceso no autorizado. IBM X-Force ID: 128466. IBM Infosphere Information Server / Datastage versions 9.1, 11.3, and 11.5 (including Cloud version 11.5) suffer from bypass, XML external entity injection, DLL side loading, and various other vulnerabilities. • http://www.ibm.com/support/docview.wss?uid=swg22006063 http://www.securityfocus.com/bid/100103 https://exchange.xforce.ibmcloud.com/vulnerabilities/128466 •