CVSS: 4.0EPSS: 0%CPEs: 1EXPL: 0CVE-2023-50955 – IBM InfoSphere Information Server information disclosure
https://notcve.org/view.php?id=CVE-2023-50955
21 Feb 2024 — IBM InfoSphere Information Server 11.7 could allow an authenticated privileged user to obtain the absolute path of the web server installation which could aid in further attacks against the system. IBM X-Force ID: 275777. IBM InfoSphere Information Server 11.7 podría permitir que un usuario privilegiado autenticado obtenga la ruta absoluta de la instalación del servidor web, lo que podría ayudar en futuros ataques contra el sistema. ID de IBM X-Force: 275777. • https://exchange.xforce.ibmcloud.com/vulnerabilities/275777 • CWE-36: Absolute Path Traversal •
CVSS: 5.4EPSS: 0%CPEs: 1EXPL: 0CVE-2023-33843 – IBM InfoSphere Information Server cross-site scripting
https://notcve.org/view.php?id=CVE-2023-33843
21 Feb 2024 — IBM InfoSphere Information Server 11.7 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: 256544. IBM InfoSphere Information Server 11.7 es vulnerable a Cross-Site Scripting. Esta vulnerabilidad permite a los usuarios incrustar código JavaScript arbitrario en la interfaz de usuario web, alterando así la funcional... • https://exchange.xforce.ibmcloud.com/vulnerabilities/256544 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •
CVSS: 5.5EPSS: 0%CPEs: 5EXPL: 0CVE-2023-46174 – IBM InfoSphere Information Server cross-site scripting
https://notcve.org/view.php?id=CVE-2023-46174
01 Dec 2023 — IBM InfoSphere Information Server 11.7 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: 269506. IBM InfoSphere Information Server 11.7 es vulnerable a cross-site scripting. Esta vulnerabilidad permite a los usuarios incrustar código JavaScript arbitrario en la interfaz de usuario web, alterando así la funcional... • https://exchange.xforce.ibmcloud.com/vulnerabilities/269506 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •
CVSS: 5.9EPSS: 0%CPEs: 5EXPL: 0CVE-2023-42019 – IBM InfoSphere Information Server information disclosure
https://notcve.org/view.php?id=CVE-2023-42019
01 Dec 2023 — IBM InfoSphere Information Server 11.7 could allow a remote attacker to cause a denial of service due to improper input validation. IBM X-Force ID: 265161. IBM InfoSphere Information Server 11.7 podría permitir que un atacante remoto provoque una denegación de servicio debido a una validación de entrada incorrecta. ID de IBM X-Force: 265161. • https://exchange.xforce.ibmcloud.com/vulnerabilities/265569 • CWE-311: Missing Encryption of Sensitive Data •
CVSS: 7.8EPSS: 0%CPEs: 5EXPL: 0CVE-2023-40699 – IBM InfoSphere Information Server denial of service
https://notcve.org/view.php?id=CVE-2023-40699
01 Dec 2023 — IBM InfoSphere Information Server 11.7 could allow a remote attacker to cause a denial of service due to improper input validation. IBM X-Force ID: 265161. IBM InfoSphere Information Server 11.7 podría permitir que un atacante remoto provoque una denegación de servicio debido a una validación de entrada incorrecta. ID de IBM X-Force: 265161. • https://exchange.xforce.ibmcloud.com/vulnerabilities/265161 • CWE-20: Improper Input Validation •
CVSS: 5.5EPSS: 0%CPEs: 5EXPL: 0CVE-2023-42022 – IBM InfoSphere Information Server cross-site scripting
https://notcve.org/view.php?id=CVE-2023-42022
01 Dec 2023 — IBM InfoSphere Information Server 11.7 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: 265938. IBM InfoSphere Information Server 11.7 es vulnerable a cross-site scripting. Esta vulnerabilidad permite a los usuarios incrustar código JavaScript arbitrario en la interfaz de usuario web, alterando así la funcional... • https://exchange.xforce.ibmcloud.com/vulnerabilities/265938 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •
CVSS: 5.3EPSS: 0%CPEs: 5EXPL: 0CVE-2023-43021 – IBM InfoSphere Information Server information disclosure
https://notcve.org/view.php?id=CVE-2023-43021
01 Dec 2023 — IBM InfoSphere Information Server 11.7 could allow a remote attacker to obtain sensitive information when a detailed technical error message is returned in the browser. This information could be used in further attacks against the system. IBM X-Force ID: 266167. IBM InfoSphere Information Server 11.7 podría permitir a un atacante remoto obtener información confidencial cuando se devuelve un mensaje de error técnico detallado en el navegador. Esta información podría usarse en futuros ataques contra el sistem... • https://exchange.xforce.ibmcloud.com/vulnerabilities/266167 • CWE-209: Generation of Error Message Containing Sensitive Information •
CVSS: 5.5EPSS: 0%CPEs: 5EXPL: 0CVE-2023-42009 – IBM InfoSphere Information Server cross-site scripting
https://notcve.org/view.php?id=CVE-2023-42009
01 Dec 2023 — IBM InfoSphere Information Server 11.7 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: 265504. IBM InfoSphere Information Server 11.7 es vulnerable a cross-site scripting. Esta vulnerabilidad permite a los usuarios incrustar código JavaScript arbitrario en la interfaz de usuario web, alterando así la funcional... • https://exchange.xforce.ibmcloud.com/vulnerabilities/265504 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •
CVSS: 5.5EPSS: 0%CPEs: 5EXPL: 0CVE-2023-43015 – IBM InfoSphere Information Server cross-site scripting
https://notcve.org/view.php?id=CVE-2023-43015
01 Dec 2023 — IBM InfoSphere Information Server 11.7 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: 266064. IBM InfoSphere Information Server 11.7 es vulnerable a cross-site scripting. Esta vulnerabilidad permite a los usuarios incrustar código JavaScript arbitrario en la interfaz de usuario web, alterando así la funcional... • https://exchange.xforce.ibmcloud.com/vulnerabilities/266064 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •
CVSS: 10.0EPSS: 0%CPEs: 5EXPL: 0CVE-2023-38268 – IBM InfoSphere Information Server cross-site request forgery
https://notcve.org/view.php?id=CVE-2023-38268
01 Dec 2023 — IBM InfoSphere Information Server 11.7 is vulnerable to cross-site request forgery which could allow an attacker to execute malicious and unauthorized actions transmitted from a user that the website trusts. IBM X-Force ID: 260585. IBM InfoSphere Information Server 11.7 es vulnerable a cross-site request forgery, lo que podría permitir a un atacante ejecutar acciones maliciosas y no autorizadas transmitidas por un usuario en el que confía el sitio web. ID de IBM X-Force: 260585. • https://exchange.xforce.ibmcloud.com/vulnerabilities/260585 • CWE-352: Cross-Site Request Forgery (CSRF) •