CVSS: 2.4EPSS: 0%CPEs: 1EXPL: 0CVE-2023-50955 – IBM InfoSphere Information Server information disclosure
https://notcve.org/view.php?id=CVE-2023-50955
IBM InfoSphere Information Server 11.7 could allow an authenticated privileged user to obtain the absolute path of the web server installation which could aid in further attacks against the system. IBM X-Force ID: 275777. IBM InfoSphere Information Server 11.7 podría permitir que un usuario privilegiado autenticado obtenga la ruta absoluta de la instalación del servidor web, lo que podría ayudar en futuros ataques contra el sistema. ID de IBM X-Force: 275777. • https://exchange.xforce.ibmcloud.com/vulnerabilities/275777 https://www.ibm.com/support/pages/node/7116610 • CWE-36: Absolute Path Traversal •
CVSS: 5.4EPSS: 0%CPEs: 1EXPL: 0CVE-2023-33843 – IBM InfoSphere Information Server cross-site scripting
https://notcve.org/view.php?id=CVE-2023-33843
IBM InfoSphere Information Server 11.7 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: 256544. IBM InfoSphere Information Server 11.7 es vulnerable a Cross-Site Scripting. Esta vulnerabilidad permite a los usuarios incrustar código JavaScript arbitrario en la interfaz de usuario web, alterando así la funcionalidad prevista, lo que podría conducir a la divulgación de credenciales dentro de una sesión confiable. • https://exchange.xforce.ibmcloud.com/vulnerabilities/256544 https://www.ibm.com/support/pages/node/7116607 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •
CVSS: 5.4EPSS: 0%CPEs: 5EXPL: 0CVE-2023-46174 – IBM InfoSphere Information Server cross-site scripting
https://notcve.org/view.php?id=CVE-2023-46174
IBM InfoSphere Information Server 11.7 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: 269506. IBM InfoSphere Information Server 11.7 es vulnerable a cross-site scripting. Esta vulnerabilidad permite a los usuarios incrustar código JavaScript arbitrario en la interfaz de usuario web, alterando así la funcionalidad prevista, lo que podría conducir a la divulgación de credenciales dentro de una sesión confiable. • https://exchange.xforce.ibmcloud.com/vulnerabilities/269506 https://www.ibm.com/support/pages/node/7067717 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •
CVSS: 5.9EPSS: 0%CPEs: 5EXPL: 0CVE-2023-42019 – IBM InfoSphere Information Server information disclosure
https://notcve.org/view.php?id=CVE-2023-42019
IBM InfoSphere Information Server 11.7 could allow a remote attacker to cause a denial of service due to improper input validation. IBM X-Force ID: 265161. IBM InfoSphere Information Server 11.7 podría permitir que un atacante remoto provoque una denegación de servicio debido a una validación de entrada incorrecta. ID de IBM X-Force: 265161. • https://exchange.xforce.ibmcloud.com/vulnerabilities/265569 https://www.ibm.com/support/pages/node/7067719 • CWE-311: Missing Encryption of Sensitive Data •
CVSS: 7.5EPSS: 0%CPEs: 5EXPL: 0CVE-2023-40699 – IBM InfoSphere Information Server denial of service
https://notcve.org/view.php?id=CVE-2023-40699
IBM InfoSphere Information Server 11.7 could allow a remote attacker to cause a denial of service due to improper input validation. IBM X-Force ID: 265161. IBM InfoSphere Information Server 11.7 podría permitir que un atacante remoto provoque una denegación de servicio debido a una validación de entrada incorrecta. ID de IBM X-Force: 265161. • https://exchange.xforce.ibmcloud.com/vulnerabilities/265161 https://www.ibm.com/support/pages/node/7067714 • CWE-20: Improper Input Validation •