CVSS: 6.1EPSS: 0%CPEs: 10EXPL: 0CVE-2012-0203
https://notcve.org/view.php?id=CVE-2012-0203
31 Jan 2013 — Cross-site scripting (XSS) vulnerability in InfoSphere Metadata Workbench (MWB) 8.1 through 8.7 in IBM InfoSphere Information Server 8.1, 8.5 before FP3, and 8.7 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors. Vulnerabilidades de ejecución de secuencias de comandos en sitios cruzados (XSS) en InfoSphere Metadata Workbench (MWB) v8.1 through v8.7 en IBM InfoSphere Information Server v8.1, v8.5 anterior a FP3, y v8.7, permite a atacantes remotos inyectar secuencias de c... • http://www-01.ibm.com/support/docview.wss?uid=swg21623501 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •
CVSS: 9.3EPSS: 0%CPEs: 13EXPL: 0CVE-2012-0204
https://notcve.org/view.php?id=CVE-2012-0204
31 Jan 2013 — Untrusted search path vulnerability in InfoSphere Import Export Manager 8.1 through 9.1 in InfoSphere Information Server MetaBrokers & Bridges (MBB) in IBM InfoSphere Information Server 8.1, 8.5 before FP3, 8.7, and 9.1 allows local users to gain privileges via a Trojan horse DLL in the current working directory. Vulnerabilidad de búsqueda de ruta no confiable en el Import Export Manager v8.1 hasta v9.1 en InfoSphere Information Server MetaBrokers & Bridges (MBB) en IBM InfoSphere Information Server v8.1, v... • http://www-01.ibm.com/support/docview.wss?uid=swg21623501 •
CVSS: 6.5EPSS: 0%CPEs: 10EXPL: 0CVE-2012-0205
https://notcve.org/view.php?id=CVE-2012-0205
31 Jan 2013 — InfoSphere Metadata Workbench (MWB) 8.1 through 8.7 in IBM InfoSphere Information Server 8.1, 8.5 before FP3, and 8.7 does not properly restrict use of the troubleshooting feature, which allows remote authenticated users to bypass intended access restrictions or cause a denial of service (workbench outage) via unspecified vectors. InfoSphere Metadata Workbench (MWB) v8.1 hasta v8.7 en IBM InfoSphere Information Server v8.1, v8.5 anterior a FP3, y v8.7 no restringe correctamente el uso de la funcionlidad de ... • http://www-01.ibm.com/support/docview.wss?uid=swg21623501 • CWE-264: Permissions, Privileges, and Access Controls •
CVSS: 6.1EPSS: 0%CPEs: 7EXPL: 0CVE-2012-4819
https://notcve.org/view.php?id=CVE-2012-4819
31 Jan 2013 — Cross-site scripting (XSS) vulnerability in InfoSphere Business Glossary 8.1.1 and 8.1.2, InfoSphere DataStage Operation Console, InfoSphere Administration, and Reporting and Repository Management Web Console in IBM InfoSphere Information Server 8.1, 8.5 before FP3, and 8.7 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors. Vulnerabilidades de ejecución de secuencias de comandos en sitios cruzados (XSS) en InfoSphere Business Glossary v8.1.1 y v8.1.2, InfoSphere DataStag... • http://www-01.ibm.com/support/docview.wss?uid=swg21623501 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •
CVSS: 7.5EPSS: 0%CPEs: 7EXPL: 0CVE-2012-4832
https://notcve.org/view.php?id=CVE-2012-4832
31 Jan 2013 — Information Services Framework (ISF) in IBM InfoSphere Information Server 8.1, 8.5 before FP3, and 8.7 and InfoSphere Business Glossary 8.1.1 and 8.1.2 does not have an off autocomplete attribute for the password field on the login page, which makes it easier for remote attackers to obtain access by leveraging an unattended workstation. Information Services Framework (ISF) en IBM InfoSphere Information Server v8.1, v8.5 anterior a FP3, y 8.7 y InfoSphere Business Glossary v8.1.1 y v8.1.2 no tiene un atribut... • http://www-01.ibm.com/support/docview.wss?uid=swg21623501 • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •
CVSS: 7.1EPSS: 0%CPEs: 10EXPL: 0CVE-2012-0700
https://notcve.org/view.php?id=CVE-2012-0700
31 Jan 2013 — The client in InfoSphere FastTrack 8.1 through 8.7 in IBM InfoSphere Information Server 8.1, 8.5 before FP3, and 8.7 does not properly store credentials, which allows local users to bypass intended access restrictions via unspecified vectors. El cliente en InfoSphere FastTrack v8.1 hasta v8.7 en IBM InfoSphere Information Server v8.1, v8.5 anterior a FP3, y v8.7 no almacena correctamente las credenciales, lo que permite a usuarios locales eludir las restricciones de acceso mediante vectores no especificados... • http://www-01.ibm.com/support/docview.wss?uid=swg21623501 • CWE-255: Credentials Management Errors •
CVSS: 8.8EPSS: 0%CPEs: 6EXPL: 0CVE-2012-0701
https://notcve.org/view.php?id=CVE-2012-0701
31 Jan 2013 — The client applications in the DataStage Administrator client in InfoSphere DataStage in IBM InfoSphere Information Server 8.1, 8.5 before FP3, and 8.7 rely on client-side access control, which allows remote authenticated users to gain privileges via unspecified vectors. La aplicación cliente en el DataStage Administrator client in InfoSphere DataStage en IBM InfoSphere Information Server v8.1, v8.5 anterior a FP3, y v8.7 confia en el control de acceso del lado del cliente, lo que permite a usuarios remotos... • http://www-01.ibm.com/support/docview.wss?uid=swg21623501 • CWE-264: Permissions, Privileges, and Access Controls •
CVSS: 8.1EPSS: 0%CPEs: 6EXPL: 0CVE-2012-0702
https://notcve.org/view.php?id=CVE-2012-0702
31 Jan 2013 — Information Services Framework (ISF) in IBM InfoSphere Information Server 8.1, 8.5 before FP3, and 8.7 does not properly determine authorization, which allows remote authenticated users to gain privileges via unspecified vectors. Information Services Framework (ISF) en IBM InfoSphere Information Server v8.1, v8.5 anterior a FP3, no valida correctamente la autenticación, permitiendo a usuarios remotos autenticados ganar privilegios mediante vectores no especificados. • http://www-01.ibm.com/support/docview.wss?uid=swg21623501 • CWE-287: Improper Authentication •
CVSS: 6.1EPSS: 0%CPEs: 6EXPL: 0CVE-2012-0703
https://notcve.org/view.php?id=CVE-2012-0703
31 Jan 2013 — Open redirect vulnerability in Information Services Framework (ISF) in IBM InfoSphere Information Server 8.1, 8.5 before FP3, and 8.7 allows remote attackers to redirect users to arbitrary web sites and conduct phishing attacks via unspecified vectors. Vulnerabilidad de redirección abierta en Information Services Framework (ISF) en IBM InfoSphere Information Server v8.1, v8.5 anterior a FP3, permite a atacantes remotos redireccionar a usuarios a sitios web de su elección y llevar a cabo ataques de phishing ... • http://www-01.ibm.com/support/docview.wss?uid=swg21623501 • CWE-20: Improper Input Validation •
CVSS: 8.8EPSS: 0%CPEs: 7EXPL: 0CVE-2012-0705
https://notcve.org/view.php?id=CVE-2012-0705
31 Jan 2013 — InfoSphere Import Export Manager in InfoSphere Information Server MetaBrokers & Bridges (MBB) in IBM InfoSphere Information Server 8.1, 8.5 before FP3, 8.7, and 9.1 does not validate unspecified input data, which allows remote authenticated users to execute arbitrary commands via unknown vectors. InfoSphere Import Export Manager en InfoSphere Information Server MetaBrokers & Bridges (MBB) en IBM InfoSphere Information Server v8.1, v8.5 anterior a FP3, v8.7, y v9.1 no valida datos de entrada no especificados... • http://www-01.ibm.com/support/docview.wss?uid=swg21623501 • CWE-20: Improper Input Validation •