CVSS: 7.5EPSS: 0%CPEs: 2EXPL: 0CVE-2023-24959 – IBM InfoSphere Information Server information disclosure
https://notcve.org/view.php?id=CVE-2023-24959
IBM InfoSphere Information Systems 11.7 could expose information about the host system and environment configuration. IBM X-Force ID: 246332. IBM InfoSphere Information Systems v11.7 podría exponer información sobre el sistema host y la configuración del entorno. IBM X-Force ID: 246332. • https://exchange.xforce.ibmcloud.com/vulnerabilities/246332 https://www.ibm.com/support/pages/node/6988615 • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •
CVSS: 8.8EPSS: 0%CPEs: 2EXPL: 0CVE-2023-23473 – IBM InfoSphere Information Server cross-site request forgery
https://notcve.org/view.php?id=CVE-2023-23473
IBM InfoSphere Information Server 11.7 is vulnerable to cross-site request forgery which could allow an attacker to execute malicious and unauthorized actions transmitted from a user that the website trusts. IBM X-Force ID: 245400. IBM InfoSphere Information Server v11.7 es vulnerable a Cross-Site Request Forgery lo que podría permitir a un atacante ejecutar acciones maliciosas y no autorizadas transmitidas desde un usuario en el que confía el sitio web. IBM X-Force ID: 245400. • https://exchange.xforce.ibmcloud.com/vulnerabilities/245400 https://www.ibm.com/support/pages/node/6988169 • CWE-352: Cross-Site Request Forgery (CSRF) •
CVSS: 8.8EPSS: 0%CPEs: 2EXPL: 0CVE-2023-22877 – IBM InfoSphere Information Server CSV injection
https://notcve.org/view.php?id=CVE-2023-22877
IBM InfoSphere Information Server 11.7 is potentially vulnerable to CSV Injection. A remote attacker could execute arbitrary commands on the system, caused by improper validation of csv file contents. IBM X-Force ID: 244368. IBM InfoSphere Information Server v11.7 es potencialmente vulnerable a la inyección CSV. Un atacante remoto podría ejecutar comandos arbitrarios en el sistema, debido a una validación incorrecta del contenido de los archivos CSV. • https://exchange.xforce.ibmcloud.com/vulnerabilities/244368 https://www.ibm.com/support/pages/node/6988623 • CWE-1236: Improper Neutralization of Formula Elements in a CSV File •
CVSS: 6.5EPSS: 0%CPEs: 4EXPL: 0CVE-2023-35898 – IBM InfoSphere Information Server information disclosure
https://notcve.org/view.php?id=CVE-2023-35898
IBM InfoSphere Information Server 11.7 could allow an authenticated user to obtain sensitive information due to an insecure security configuration in InfoSphere Data Flow Designer. IBM X-Force ID: 259352. IBM InfoSphere Information Server v11.7 podría permitir a un usuario autenticado obtener información confidencial debido a una configuración de seguridad insegura en "InfoSphere Data Flow Designer". IBM X-Force ID: 259352. • https://exchange.xforce.ibmcloud.com/vulnerabilities/259352 https://www.ibm.com/support/pages/node/7009205 • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •
CVSS: 5.3EPSS: 0%CPEs: 4EXPL: 0CVE-2023-33857 – IBM InfoSphere Information Server information disclosure
https://notcve.org/view.php?id=CVE-2023-33857
IBM InfoSphere Information Server 11.7 could allow a remote attacker to obtain system information using a specially crafted query that could aid in further attacks against the system. IBM X-Force ID: 257695. IBM InfoSphere Information Server v11.7 podría permitir a un atacante remoto obtener información del sistema utilizando una consulta especialmente manipulada que podría ayudar en futuros ataques contra el sistema. ID de IBM X-Force: 257695. • https://exchange.xforce.ibmcloud.com/vulnerabilities/257695 https://www.ibm.com/support/pages/node/7007059 • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •