CVSS: 8.1EPSS: 0%CPEs: 5EXPL: 0CVE-2017-1467 – IBM Infosphere Information Server / Datastage 11.5 Command Execution / Bypass
https://notcve.org/view.php?id=CVE-2017-1467
A network layer security vulnerability in InfoSphere Information Server 9.1, 11.3, and 11.5 can lead to privilege escalation or unauthorized access. IBM X-Force ID: 128466. Una vulnerabilidad de la seguridad en la capa de red en InfoSphere Information Server 9.1, 11.3 y 11.5 permite que se escalen privilegios o un acceso no autorizado. IBM X-Force ID: 128466. IBM Infosphere Information Server / Datastage versions 9.1, 11.3, and 11.5 (including Cloud version 11.5) suffer from bypass, XML external entity injection, DLL side loading, and various other vulnerabilities. • http://www.ibm.com/support/docview.wss?uid=swg22006063 http://www.securityfocus.com/bid/100103 https://exchange.xforce.ibmcloud.com/vulnerabilities/128466 •
CVSS: 7.8EPSS: 0%CPEs: 5EXPL: 0CVE-2017-1468 – IBM Infosphere Information Server / Datastage 11.5 Command Execution / Bypass
https://notcve.org/view.php?id=CVE-2017-1468
IBM InfoSphere Information Server 9.1, 11.3, and 11.5 could allow a local user to gain elevated privileges by placing arbitrary files in installation directories. IBM X-force ID: 128467. IBM InfoSphere Information Server 9.1, 11.3 y 11.5 podría permitir que un usuario local obtenga privilegios elevados al ubicar archivos arbitrarios en los directorios de instalación. IBM X-force ID: 128467. IBM Infosphere Information Server / Datastage versions 9.1, 11.3, and 11.5 (including Cloud version 11.5) suffer from bypass, XML external entity injection, DLL side loading, and various other vulnerabilities. • http://www.ibm.com/support/docview.wss?uid=swg22006067 http://www.securityfocus.com/bid/100099 https://exchange.xforce.ibmcloud.com/vulnerabilities/128467 •
CVSS: 4.9EPSS: 0%CPEs: 4EXPL: 0CVE-2017-1495 – IBM Infosphere Information Server / Datastage 11.5 Command Execution / Bypass
https://notcve.org/view.php?id=CVE-2017-1495
IBM InfoSphere Information Server 9.1, 11.3, and 11.5 could allow a privileged user to cause a memory dump that could contain highly sensitive information including access credentials. IBM X-Force ID: 128693. IBM InfoSphere Information Server 9.1, 11.3 y 11.5 podría permitir que un usuario con privilegios haga un volcado de memoria que pueda contener información altamente sensible, incluyendo credenciales de acceso. IBM X-Force ID: 128693. IBM Infosphere Information Server / Datastage versions 9.1, 11.3, and 11.5 (including Cloud version 11.5) suffer from bypass, XML external entity injection, DLL side loading, and various other vulnerabilities. • http://www.ibm.com/support/docview.wss?uid=swg22006068 https://exchange.xforce.ibmcloud.com/vulnerabilities/128693 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 6.1EPSS: 0%CPEs: 4EXPL: 0CVE-2017-1321
https://notcve.org/view.php?id=CVE-2017-1321
IBM InfoSphere Information Server 9.1, 11.3, and 11.5 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: 125916. IBM InfoSphere Information Server versión 9.1,versión 11.3 y versión 11.5 es vulnerable a Cross-Site Scripting (XSS). Esta vulnerabilidad permite a los usuarios insertar un código JavaScript arbitrario en la interfaz del usuario web, por lo tanto, alterar la funcionalidad deseada que podría conducir a la divulgación de credenciales dentro de una sesión segura. • http://www.ibm.com/support/docview.wss?uid=swg22004729 http://www.securityfocus.com/bid/99537 https://exchange.xforce.ibmcloud.com/vulnerabilities/125916 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •
CVSS: 4.7EPSS: 0%CPEs: 5EXPL: 0CVE-2015-7493
https://notcve.org/view.php?id=CVE-2015-7493
IBM InfoSphere Information Server could allow a local user under special circumstances to execute commands during installation processes that could expose sensitive information. IBM InfoSphere Information Server podría permitir a un usuario local bajo especiales circunstancias ejecutar comandos durante procesos de instalación que podrían exponer información sensible. • http://www.ibm.com/support/docview.wss?uid=swg21982034 http://www.securityfocus.com/bid/90529 • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •