CVSS: 3.3EPSS: 0%CPEs: 1EXPL: 0CVE-2024-55895 – IBM InfoSphere Information Server information disclosure
https://notcve.org/view.php?id=CVE-2024-55895
29 Mar 2025 — IBM InfoSphere Information Server 11.7 could allow a remote attacker to obtain sensitive information when a detailed technical error message is returned in the browser. This information could be used in further attacks against the system. • https://www.ibm.com/support/pages/node/7185450 • CWE-209: Generation of Error Message Containing Sensitive Information •
CVSS: 4.3EPSS: 0%CPEs: 1EXPL: 0CVE-2024-51477 – IBM InfoSphere Information Server information disclosure
https://notcve.org/view.php?id=CVE-2024-51477
28 Mar 2025 — IBM InfoSphere Information Server 11.7 could allow an authenticated to obtain sensitive username information due to an observable response discrepancy. • https://www.ibm.com/support/pages/node/7185058 • CWE-203: Observable Discrepancy •
CVSS: 4.6EPSS: 0%CPEs: 1EXPL: 0CVE-2024-7577 – IBM InfoSphere Information Server information disclosure
https://notcve.org/view.php?id=CVE-2024-7577
28 Mar 2025 — IBM InfoSphere Information Server 11.7 could disclose sensitive user credentials from log files during new installation of the product. • https://www.ibm.com/support/pages/node/7185020 • CWE-532: Insertion of Sensitive Information into Log File •
CVSS: 5.3EPSS: 0%CPEs: 1EXPL: 0CVE-2024-43186 – IBM InfoSphere Information Server information disclosure
https://notcve.org/view.php?id=CVE-2024-43186
28 Mar 2025 — IBM InfoSphere Information Server 11.7 could allow an authenticated user to obtain sensitive information that is stored locally under certain conditions. • https://www.ibm.com/support/pages/node/7184980 • CWE-256: Plaintext Storage of a Password •
CVSS: 8.4EPSS: 0%CPEs: 1EXPL: 0CVE-2024-51459 – IBM InfoSphere Server Information command execution
https://notcve.org/view.php?id=CVE-2024-51459
19 Mar 2025 — IBM InfoSphere Information Server 11.7 could allow a local user to execute privileged commands due to the improper handling of permissions. • https://www.ibm.com/support/pages/node/7185056 • CWE-280: Improper Handling of Insufficient Permissions or Privileges •
CVSS: 5.3EPSS: 0%CPEs: 1EXPL: 0CVE-2024-40706 – IBM InfoSphere Information Server information disclosure
https://notcve.org/view.php?id=CVE-2024-40706
24 Jan 2025 — IBM InfoSphere Information Server 11.7 could allow a remote user to obtain sensitive version information that could aid in further attacks against the system. • https://www.ibm.com/support/pages/node/7169826 • CWE-497: Exposure of Sensitive System Information to an Unauthorized Control Sphere •
CVSS: 6.8EPSS: 0%CPEs: 1EXPL: 0CVE-2024-52363 – IBM InfoSphere Information Server directory traversal
https://notcve.org/view.php?id=CVE-2024-52363
17 Jan 2025 — IBM InfoSphere Information Server 11.7 could allow a remote attacker to traverse directories on the system. An attacker could send a specially crafted URL request containing "dot dot" sequences (/../) to view arbitrary files on the system. • https://www.ibm.com/support/pages/node/7176515 • CWE-22: Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') •
CVSS: 5.2EPSS: 0%CPEs: 1EXPL: 0CVE-2021-29827 – IBM InfoSphere Information Server clickjacking
https://notcve.org/view.php?id=CVE-2021-29827
18 Dec 2024 — IBM InfoSphere Information Server 11.7 could allow a remote attacker to hijack the clicking action of the victim. By persuading a victim to visit a malicious Web site, a remote attacker could exploit this vulnerability to hijack the victim's click actions and possibly launch further attacks against the victim. IBM InfoSphere Information Server 11.7 podría permitir que un atacante remoto secuestrara la acción de clic de la víctima. Al persuadir a la víctima para que visite un sitio web malicioso, un atacante... • https://www.ibm.com/support/pages/security-bulletin-ibm-infosphere-information-server-vulnerable-cross-frame-scripting-exploit-cve-2021-29827 • CWE-1021: Improper Restriction of Rendered UI Layers or Frames •
CVSS: 6.8EPSS: 0%CPEs: 1EXPL: 0CVE-2024-52901 – IBM InfoSphere Information Server denial of service
https://notcve.org/view.php?id=CVE-2024-52901
12 Dec 2024 — IBM InfoSphere Information Server 11.7 could allow an authenticated user to GUI to not load or stop working due to improper input validation. • https://www.ibm.com/support/pages/node/7177700 • CWE-1284: Improper Validation of Specified Quantity in Input •
CVSS: 4.3EPSS: 0%CPEs: 1EXPL: 0CVE-2024-51460 – IBM InfoSphere Information Server information disclosure
https://notcve.org/view.php?id=CVE-2024-51460
11 Dec 2024 — IBM InfoSphere Information Server 11.7 could allow an authenticated user to obtain sensitive information when a detailed technical error message is returned in a stack trace. This information could be used in further attacks against the system. • https://www.ibm.com/support/pages/node/7177698 • CWE-209: Generation of Error Message Containing Sensitive Information •