CVE-2018-1899
https://notcve.org/view.php?id=CVE-2018-1899
IBM InfoSphere Information Server 11.3, 11.5, and 11.7 could allow an attacker to change one of the settings related to InfoSphere Business Glossary Anywhere due to improper access control. IBM X-Force ID: 152528. IBM InfoSphere Information Server, en sus versiones 11.3, 11.5 y 11.7, podría permitir a un atacante modificar uno de los ajustes relacionados con InfoSphere Business Glossary Anywhere debido a un control de acceso incorrecto. IBM X-Force ID: 152528. • http://www.ibm.com/support/docview.wss?uid=ibm10744029 https://exchange.xforce.ibmcloud.com/vulnerabilities/152528 •
CVE-2018-1701
https://notcve.org/view.php?id=CVE-2018-1701
IBM InfoSphere Information Server 11.7 could allow an authenciated user under specialized conditions to inject commands into the installation process that would execute on the WebSphere Application Server. IBM X-Force ID: 145970. IBM InfoSphere Information Server 11.7 podría permitir que un usuario autenticado en condiciones especializadas inyecte comandos en el proceso de instalación que se ejecutarían en WebSphere Application Server. IBM X-Force ID: 145970. • https://exchange.xforce.ibmcloud.com/vulnerabilities/145970 https://www.ibm.com/support/docview.wss?uid=ibm10730555 •
CVE-2018-1895
https://notcve.org/view.php?id=CVE-2018-1895
IBM InfoSphere Information Server 11.3, 11.5, and 11.7 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: 152159. IBM InfoSphere Information Server 11.3, 11.5 y 11.7 es vulnerable a Cross-Site Scripting (XSS). Esta vulnerabilidad permite que los usuarios embeban código JavaScript arbitrario en la interfaz de usuario web, lo que altera las funcionalidades previstas. • http://www.ibm.com/support/docview.wss?uid=ibm10744013 https://exchange.xforce.ibmcloud.com/vulnerabilities/152159 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •
CVE-2018-1518
https://notcve.org/view.php?id=CVE-2018-1518
IBM InfoSphere Information Server 11.7 is affected by a weak password encryption vulnerability that could allow a local user to obtain highly sensitive information. IBM X-Force ID: 141682. IBM InfoSphere Information Server 11.7 se ha visto afectado por una vulnerabilidad de cifrado débil de contraseñas que podría permitir que un usuario local obtenga información altamente sensible. IBM X-Force ID: 141682. • https://exchange.xforce.ibmcloud.com/vulnerabilities/141682 https://www.ibm.com/support/docview.wss?uid=swg22017446 • CWE-326: Inadequate Encryption Strength •