CVSS: 7.8EPSS: 0%CPEs: 4EXPL: 0CVE-2022-35715
https://notcve.org/view.php?id=CVE-2022-35715
10 Aug 2022 — IBM InfoSphere Information Server 11.7 could allow a remote attacker to obtain sensitive information when a detailed technical error message is returned in a stack trace. This information could be used in further attacks against the system. IBM X-Force ID: 231202. IBM InfoSphere Information Server versión 11.7, podría permitir a un atacante remoto obtener información confidencial cuando es devuelto un mensaje de error técnico detallado en un seguimiento de pila. Esta información podría usarse en otros ataqu... • https://exchange.xforce.ibmcloud.com/vulnerabilities/231202 • CWE-209: Generation of Error Message Containing Sensitive Information •
CVSS: 5.5EPSS: 0%CPEs: 4EXPL: 0CVE-2022-22373
https://notcve.org/view.php?id=CVE-2022-22373
01 Jul 2022 — An improper validation vulnerability in IBM InfoSphere Information Server 11.7 Pack for SAP Apps and BW Packs may lead to creation of directories and files on the server file system that may contain non-sensitive debugging information like stack traces. IBM X-Force ID: 221323. Una vulnerabilidad de comprobación inapropiada en IBM InfoSphere Information Server versión 11.7 Pack for SAP Apps and BW Packs, puede conllevar a una creación de directorios y archivos en el sistema de archivos del servidor que puede... • https://exchange.xforce.ibmcloud.com/vulnerabilities/221323 •
CVSS: 9.8EPSS: 0%CPEs: 1EXPL: 0CVE-2022-31768
https://notcve.org/view.php?id=CVE-2022-31768
06 Jun 2022 — IBM InfoSphere Information Server 11.7 is vulnerable to SQL injection. A remote attacker could send specially crafted SQL statements, which could allow the attacker to view, add, modify or delete information in the back-end database. IBM InfoSphere Information Server versión 11.7, es vulnerable a una inyección SQL. Un atacante remoto podría enviar sentencias SQL especialmente diseñadas, lo que podría permitir al atacante visualizar, añadir, modificar o eliminar información en la base de datos del back-end • https://exchange.xforce.ibmcloud.com/vulnerabilities/227986 • CWE-89: Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') •
CVSS: 7.8EPSS: 0%CPEs: 4EXPL: 0CVE-2022-22454
https://notcve.org/view.php?id=CVE-2022-22454
10 May 2022 — IBM InfoSphere Information Server 11.7 could allow a locally authenticated attacker to execute arbitrary commands on the system by sending a specially crafted request. IBM InfoSphere Information Server versión 11.7, podría permitir a un atacante autenticado localmente ejecutar comandos arbitrarios en el sistema mediante el envío de una petición especialmente diseñada • https://exchange.xforce.ibmcloud.com/vulnerabilities/224987 • CWE-78: Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection') •
CVSS: 5.4EPSS: 0%CPEs: 1EXPL: 0CVE-2022-22443
https://notcve.org/view.php?id=CVE-2022-22443
28 Apr 2022 — IBM InfoSphere Information Server 11.7 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: 224440. IBM InfoSphere Information Server versión 11.7, es vulnerable a un ataque de tipo cross-site scripting. Esta vulnerabilidad permite a usuarios insertar código JavaScript arbitrario en la Interfaz de Usuario Web, alte... • https://exchange.xforce.ibmcloud.com/vulnerabilities/224440 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •
CVSS: 6.5EPSS: 0%CPEs: 1EXPL: 0CVE-2022-22441
https://notcve.org/view.php?id=CVE-2022-22441
28 Apr 2022 — IBM InfoSphere Information Server 11.7 could allow an authenticated user to view information of higher privileged users and groups due to a privilege escalation vulnerability. IBM X-Force ID: 224426. IBM InfoSphere Information Server versión 11.7, podría permitir a un usuario autenticado visualizar información de usuarios y grupos con altos privilegios debido a una vulnerabilidad de escalada de privilegios. IBM X-Force ID: 224426 • https://exchange.xforce.ibmcloud.com/vulnerabilities/224426 •
CVSS: 6.1EPSS: 0%CPEs: 1EXPL: 0CVE-2022-22427
https://notcve.org/view.php?id=CVE-2022-22427
28 Apr 2022 — IBM InfoSphere Information Server 11.7 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: 223720. IBM InfoSphere Information Server versión 11.7, es vulnerable a un ataque de tipo cross-site scripting. Esta vulnerabilidad permite a usuarios insertar código JavaScript arbitrario en la Interfaz de Usuario Web, alte... • https://exchange.xforce.ibmcloud.com/vulnerabilities/223720 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •
CVSS: 5.4EPSS: 0%CPEs: 1EXPL: 0CVE-2022-22322
https://notcve.org/view.php?id=CVE-2022-22322
28 Apr 2022 — IBM InfoSphere Information Server 11.7 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: 218370. IBM InfoSphere Information Server versión 11.7, es vulnerable a un ataque de tipo cross-site scripting. Esta vulnerabilidad permite a usuarios insertar código JavaScript arbitrario en la interfaz de usuario de la web... • https://exchange.xforce.ibmcloud.com/vulnerabilities/218370 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •
CVSS: 5.4EPSS: 0%CPEs: 1EXPL: 0CVE-2021-38952
https://notcve.org/view.php?id=CVE-2021-38952
28 Apr 2022 — IBM InfoSphere Information Server 11.7 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: 211408. IBM InfoSphere Information Server versión 11.7, es vulnerable a un ataque de tipo cross-site scripting. Esta vulnerabilidad permite a usuarios insertar código JavaScript arbitrario en la Interfaz de Usuario Web, alte... • https://exchange.xforce.ibmcloud.com/vulnerabilities/211408 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •
CVSS: 6.5EPSS: 0%CPEs: 1EXPL: 0CVE-2021-38887
https://notcve.org/view.php?id=CVE-2021-38887
10 Nov 2021 — IBM InfoSphere Information Server 11.7 could allow an authenticated user to obtain sensitive information from application response requests that could be used in further attacks against the system. IBM X-Force ID: 209401. IBM InfoSphere Information Server versión 11.7 podría permitir a un usuario autenticado conseguir información confidencial de las peticiones de respuesta de las aplicaciones que podría ser usada en otros ataques contra el sistema. IBM X-Force ID: 209401 • https://exchange.xforce.ibmcloud.com/vulnerabilities/209401 •