CVSS: 5.3EPSS: 0%CPEs: 3EXPL: 0CVE-2022-41733 – IBM InfoSphere Information Server denial of service
https://notcve.org/view.php?id=CVE-2022-41733
20 Jan 2023 — IBM InfoSphere Information Server 11.7 could allow a remote attacked to cause some of the components to be unusable until the process is restarted. IBM X-Force ID: 237583. IBM InfoSphere Information Server 11.7 podría permitir que un ataque remoto provoque que algunos de los componentes queden inutilizables hasta que se reinicie el proceso. ID de IBM X-Force: 237583. • https://exchange.xforce.ibmcloud.com/vulnerabilities/237583 • CWE-20: Improper Input Validation •
CVSS: 9.8EPSS: 4%CPEs: 1EXPL: 1CVE-2020-27583
https://notcve.org/view.php?id=CVE-2020-27583
21 Jan 2021 — IBM InfoSphere Information Server 8.5.0.0 is affected by deserialization of untrusted data which could allow remote unauthenticated attackers to execute arbitrary code. NOTE: This vulnerability only affects products that are no longer supported by the maintainer IBM InfoSphere Information Server versión 8.5.0.0, está afectado por una deserialización de datos que no son confiables, lo que podría permitir a atacantes remotos no autenticados ejecutar código arbitrario. NOTA: Esta vulnerabilidad solo afect... • https://n4nj0.github.io/advisories/ibm-infosphere-java-deserialization • CWE-502: Deserialization of Untrusted Data •
CVSS: 6.8EPSS: 0%CPEs: 3EXPL: 0CVE-2012-4818
https://notcve.org/view.php?id=CVE-2012-4818
28 Aug 2020 — IBM InfoSphere Information Server 8.1, 8.5, and 8,7 could allow a remote authenticated attacker to obtain sensitive information, caused by improper restrictions on directories. An attacker could exploit this vulnerability via the DataStage application to load or import content functionality to view arbitrary files on the system. IBM InfoSphere Information Server versiones 8.1, 8.5 y 8.7, podría permitir a un atacante remoto autenticado obtener información sensible, causada por restricciones inapropiadas en ... • https://exchange.xforce.ibmcloud.com/vulnerabilities/78651 •
CVSS: 8.1EPSS: 0%CPEs: 4EXPL: 0CVE-2013-0507
https://notcve.org/view.php?id=CVE-2013-0507
05 Feb 2020 — IBM InfoSphere Information Server 8.1, 8.5, 8.7, 9.1 has a Session Fixation Vulnerability IBM InfoSphere Information Server versiones 8.1, 8.5, 8.7, 9.1, presenta una Vulnerabilidad de Fijación de Sesión. • http://www.securityfocus.com/bid/59815 • CWE-384: Session Fixation •
CVSS: 4.7EPSS: 0%CPEs: 5EXPL: 0CVE-2015-7493
https://notcve.org/view.php?id=CVE-2015-7493
08 Feb 2017 — IBM InfoSphere Information Server could allow a local user under special circumstances to execute commands during installation processes that could expose sensitive information. IBM InfoSphere Information Server podría permitir a un usuario local bajo especiales circunstancias ejecutar comandos durante procesos de instalación que podrían exponer información sensible. • http://www.ibm.com/support/docview.wss?uid=swg21982034 • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •
CVSS: 5.4EPSS: 0%CPEs: 9EXPL: 0CVE-2016-0280
https://notcve.org/view.php?id=CVE-2016-0280
08 Aug 2016 — Cross-site scripting (XSS) vulnerability in IBM Information Server Framework 8.5, Information Server Framework and InfoSphere Information Server Business Glossary 8.7 before FP2, Information Server Framework and InfoSphere Information Server Business Glossary 9.1 before 9.1.2.0, Information Server Framework and InfoSphere Information Governance Catalog 11.3 before 11.3.1.2, and Information Server Framework and InfoSphere Information Governance Catalog 11.5 before 11.5.0.1 allows remote authenticated users t... • http://www-01.ibm.com/support/docview.wss?uid=swg1JR55452 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •
CVSS: 3.5EPSS: 0%CPEs: 13EXPL: 0CVE-2015-7490
https://notcve.org/view.php?id=CVE-2015-7490
03 Mar 2016 — IBM InfoSphere Information Server 8.5 through FP3, 8.7 through FP2, 9.1 through 9.1.2.0, 11.3 through 11.3.1.2, and 11.5 allows remote authenticated users to bypass intended access restrictions via a modified cookie. IBM InfoSphere Information Server 8.5 hasta la versión FP3, 8.7 hasta la versión FP2, 9.1 hasta la versión 9.1.2.0, 11.3 hasta la versión 11.3.1.2 y 11.5 permite a usuarios remotos autentificados eludir las restricciones destinadas al acceso a través de una cookie modificada. • http://www-01.ibm.com/support/docview.wss?uid=swg1JR54787 • CWE-284: Improper Access Control •
CVSS: 5.5EPSS: 0%CPEs: 12EXPL: 0CVE-2015-1901
https://notcve.org/view.php?id=CVE-2015-1901
28 Jun 2015 — The installer in IBM InfoSphere Information Server 8.5 through 11.3 before 11.3.1.2 allows local users to obtain sensitive information via unspecified commands. El instalador en IBM InfoSphere Information Server 8.5 hasta 11.3 anterior a 11.3.1.2 permite a usuarios locales obtener información sensible a través de comandos no especificados. • http://www-01.ibm.com/support/docview.wss?uid=swg1JR52549 • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •
CVSS: 6.5EPSS: 0%CPEs: 6EXPL: 0CVE-2015-0180
https://notcve.org/view.php?id=CVE-2015-0180
25 May 2015 — The Connector Migration Tool in IBM InfoSphere Information Server 8.1 through 11.3 allows remote authenticated users to bypass intended restrictions on job creation and modification via unspecified vectors. Connector Migration Tool en IBM InfoSphere Information Server 8.1 hasta 11.3 permite a usuarios remotos autenticados evadir las restricciones sobre la creación y modificación de empleo a través de vectores no especificados. • http://www-01.ibm.com/support/docview.wss?uid=swg1JR51665 • CWE-284: Improper Access Control •
CVSS: 8.8EPSS: 0%CPEs: 10EXPL: 0CVE-2013-4057
https://notcve.org/view.php?id=CVE-2013-4057
16 Mar 2014 — Cross-site request forgery (CSRF) vulnerability in the XML Pack in IBM InfoSphere Information Server 8.5.x through 8.5 FP3, 8.7.x through 8.7 FP2, and 9.1.x through 9.1.2.0 allows remote attackers to hijack the authentication of arbitrary users. Vulnerabilidad de CSRF en el pack de XML en el servidor de IBM InfoSphere Information 8.5.x hasta 8.5 FP3, 8.7.x hasta 8.7 FP2 y 9.1.x hasta 9.1.2.0 permite a atacantes remotos secuestrar la autenticación de usuarios arbitrarios. • http://www-01.ibm.com/support/docview.wss?uid=swg1JR48815 • CWE-352: Cross-Site Request Forgery (CSRF) •