CVSS: 5.3EPSS: 0%CPEs: 3EXPL: 0CVE-2022-41733 – IBM InfoSphere Information Server denial of service
https://notcve.org/view.php?id=CVE-2022-41733
20 Jan 2023 — IBM InfoSphere Information Server 11.7 could allow a remote attacked to cause some of the components to be unusable until the process is restarted. IBM X-Force ID: 237583. IBM InfoSphere Information Server 11.7 podría permitir que un ataque remoto provoque que algunos de los componentes queden inutilizables hasta que se reinicie el proceso. ID de IBM X-Force: 237583. • https://exchange.xforce.ibmcloud.com/vulnerabilities/237583 • CWE-20: Improper Input Validation •
CVSS: 6.8EPSS: 0%CPEs: 3EXPL: 0CVE-2012-4818
https://notcve.org/view.php?id=CVE-2012-4818
28 Aug 2020 — IBM InfoSphere Information Server 8.1, 8.5, and 8,7 could allow a remote authenticated attacker to obtain sensitive information, caused by improper restrictions on directories. An attacker could exploit this vulnerability via the DataStage application to load or import content functionality to view arbitrary files on the system. IBM InfoSphere Information Server versiones 8.1, 8.5 y 8.7, podría permitir a un atacante remoto autenticado obtener información sensible, causada por restricciones inapropiadas en ... • https://exchange.xforce.ibmcloud.com/vulnerabilities/78651 •
CVSS: 8.1EPSS: 0%CPEs: 4EXPL: 0CVE-2013-0507
https://notcve.org/view.php?id=CVE-2013-0507
05 Feb 2020 — IBM InfoSphere Information Server 8.1, 8.5, 8.7, 9.1 has a Session Fixation Vulnerability IBM InfoSphere Information Server versiones 8.1, 8.5, 8.7, 9.1, presenta una Vulnerabilidad de Fijación de Sesión. • http://www.securityfocus.com/bid/59815 • CWE-384: Session Fixation •
CVSS: 6.5EPSS: 0%CPEs: 6EXPL: 0CVE-2015-0180
https://notcve.org/view.php?id=CVE-2015-0180
25 May 2015 — The Connector Migration Tool in IBM InfoSphere Information Server 8.1 through 11.3 allows remote authenticated users to bypass intended restrictions on job creation and modification via unspecified vectors. Connector Migration Tool en IBM InfoSphere Information Server 8.1 hasta 11.3 permite a usuarios remotos autenticados evadir las restricciones sobre la creación y modificación de empleo a través de vectores no especificados. • http://www-01.ibm.com/support/docview.wss?uid=swg1JR51665 • CWE-284: Improper Access Control •
CVSS: 3.3EPSS: 0%CPEs: 5EXPL: 0CVE-2013-5440
https://notcve.org/view.php?id=CVE-2013-5440
18 Dec 2013 — IBM InfoSphere Information Server 8.0, 8.1, 8.5, 8.7, and 9.1 allows local users to obtain sensitive information in opportunistic circumstances by leveraging the presence of file content after a failed installation. IBM InfoSphere Information Server 8.0, 8.1, 8.5, 8.7 y 9.1 permite a usuarios locales obtener información sensible en circunstancias oportunistas aprovechando la presencia de archivos despues de una instalación fallida. • http://www-01.ibm.com/support/docview.wss?uid=swg1JR48095 • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •
CVSS: 5.4EPSS: 0%CPEs: 8EXPL: 0CVE-2013-4066
https://notcve.org/view.php?id=CVE-2013-4066
02 Oct 2013 — IBM InfoSphere Information Server 8.0, 8.1, 8.5 through FP3, 8.7, and 9.1 allows remote attackers to conduct clickjacking attacks by creating an overlay interface on top of the Web Console interface. IBM InfoSphere Information Server v8.0, v8.1, v8.5 hasta FP3, v8.7, y v9.1 permite a atacantes remotos llevar a cabo ataques de phising mediante la creación de un interfaz superpuesto en el interfaz de la consola web. • http://www.ibm.com/support/docview.wss?uid=swg21651343 • CWE-20: Improper Input Validation •
CVSS: 7.5EPSS: 0%CPEs: 8EXPL: 0CVE-2013-4067
https://notcve.org/view.php?id=CVE-2013-4067
02 Oct 2013 — IBM InfoSphere Information Server 8.0, 8.1, 8.5 through FP3, 8.7, and 9.1 allows remote attackers to hijack sessions and read cookie values, or conduct phishing attacks to capture credentials, via unspecified vectors. IBM InfoSphere Information Server v8.0, v8.1, v8.5 hasta FP3, v8.7 y v9.1 permite a atacantes remotos secuestrar sesiones y leer valores de cookies, o llevar a acabo ataques de phising para capturar credenciales a través de vectores no especificados. • http://www.ibm.com/support/docview.wss?uid=swg21651343 • CWE-264: Permissions, Privileges, and Access Controls •
CVSS: 5.4EPSS: 0%CPEs: 4EXPL: 0CVE-2013-3034
https://notcve.org/view.php?id=CVE-2013-3034
16 Aug 2013 — Cross-site scripting (XSS) vulnerability in IBM InfoSphere Information Server through 8.5 FP3, 8.7 through FP2, and 9.1 allows remote authenticated users to inject arbitrary web script or HTML via vectors related to the web console. Vulnerabilidad Cross-site scripting (XSS) en IBM InfoSphere Information Server hasta v8.5 FP3, v8.7 hasta FP2, y v9.1 permite a usuarios remotos autenticados inyectar secuencias de comandos web o HTML a través de vectores relacionados con la consola web. • http://www-01.ibm.com/support/docview.wss?uid=swg21646136 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •
CVSS: 5.4EPSS: 0%CPEs: 4EXPL: 0CVE-2013-0585
https://notcve.org/view.php?id=CVE-2013-0585
16 Aug 2013 — Multiple cross-site scripting (XSS) vulnerabilities in IBM InfoSphere Information Server through 8.5 FP3, 8.7 through FP2, and 9.1 allow remote authenticated users to inject arbitrary web script or HTML via vectors related to the (1) web console and (2) repository management user interfaces. Múltiples vulnerabilidades de cross-site scripting (XSS) en IBM InfoSphere Information Server hasta v8.5 FP3, v8.7 hasta FP2, y 9.1 permiten a los usuarios autenticados remotos inyectar secuencias de comandos web o HTML... • http://www-01.ibm.com/support/docview.wss?uid=swg21646136 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •
CVSS: 6.1EPSS: 0%CPEs: 9EXPL: 0CVE-2013-0502
https://notcve.org/view.php?id=CVE-2013-0502
01 Apr 2013 — Cross-site scripting (XSS) vulnerability in IBM InfoSphere Information Server 8.1, 8.5 through FP3, 8.7 through FP2, and 9.1 allows remote attackers to inject arbitrary web script or HTML via a malformed URL. Vulnerabilidad XSS en IBM InfoSphere Information Server 8.1, 8.5 a la FP3, 8.7 a la FP2, y 9.1, permite a atacantes remotos inyectar secuencias de comandos web o HTML a través de una URL mal formada. • http://www-01.ibm.com/support/docview.wss?uid=swg1JR45274 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •