CVE-2023-22877 – IBM InfoSphere Information Server CSV injection
https://notcve.org/view.php?id=CVE-2023-22877
IBM InfoSphere Information Server 11.7 is potentially vulnerable to CSV Injection. A remote attacker could execute arbitrary commands on the system, caused by improper validation of csv file contents. IBM X-Force ID: 244368. IBM InfoSphere Information Server v11.7 es potencialmente vulnerable a la inyección CSV. Un atacante remoto podría ejecutar comandos arbitrarios en el sistema, debido a una validación incorrecta del contenido de los archivos CSV. • https://exchange.xforce.ibmcloud.com/vulnerabilities/244368 https://www.ibm.com/support/pages/node/6988623 • CWE-1236: Improper Neutralization of Formula Elements in a CSV File •
CVE-2022-41733 – IBM InfoSphere Information Server denial of service
https://notcve.org/view.php?id=CVE-2022-41733
IBM InfoSphere Information Server 11.7 could allow a remote attacked to cause some of the components to be unusable until the process is restarted. IBM X-Force ID: 237583. IBM InfoSphere Information Server 11.7 podría permitir que un ataque remoto provoque que algunos de los componentes queden inutilizables hasta que se reinicie el proceso. ID de IBM X-Force: 237583. • https://exchange.xforce.ibmcloud.com/vulnerabilities/237583 https://www.ibm.com/support/pages/node/6840399 • CWE-20: Improper Input Validation •
CVE-2020-4305
https://notcve.org/view.php?id=CVE-2020-4305
IBM InfoSphere Information Server 11.3, 11.5, and 11.7 could allow a remote attacker to execute arbitrary code on the system, caused by the deserialization of untrusted data. By persuading a victim to visit a specially crafted Web site, an attacker could exploit this vulnerability to execute arbitrary code on the system. IBM X-Force ID: 176677. IBM InfoSphere Information Server versiones 11.3, 11.5 y 11.7, podría permitir a un atacante remoto ejecutar código arbitrario en el sistema, causado por la deserialización de datos no confiables. Al persuadir a una víctima para que visite un sitio web especialmente diseñado, un atacante podría aprovechar esta vulnerabilidad para ejecutar código arbitrario en el sistema. • https://exchange.xforce.ibmcloud.com/vulnerabilities/176677 https://www.ibm.com/support/pages/node/6244664 • CWE-502: Deserialization of Untrusted Data •
CVE-2019-4185
https://notcve.org/view.php?id=CVE-2019-4185
IBM InfoSphere Information Server 11.7.1 containers are vulnerable to privilege escalation due to an insecurely configured component. IBM X-Force ID: 158975. Los contenedores de IBM InfoSphere Information Server versión 11.7.1, son vulnerables a la escalada de privilegios debido a un componente configurado de forma no segura. ID de IBM X-Force: 158975. • https://exchange.xforce.ibmcloud.com/vulnerabilities/158975 https://www.ibm.com/support/docview.wss?uid=ibm10882626 •