2 results (0.007 seconds)

CVSS: 6.5EPSS: 0%CPEs: 1EXPL: 0

IBM InfoSphere Metadata Asset Manager 11.7 is vulnerable to server-side request forgery. By sending a specially crafted request, a remote authenticated attacker could exploit this vulnerability to submit or control server requests. IBM X-Force ID: 185416. IBM InfoSphere Metadata Asset Manager versión 11.7, es vulnerable a un ataque de tipo server-side request forgery. Mediante el envío de una petición especialmente diseñada, un atacante autenticado remoto podría explotar esta vulnerabilidad para enviar o controlar peticiones del servidor. • https://exchange.xforce.ibmcloud.com/vulnerabilities/185416 https://www.ibm.com/support/pages/node/6323721 • CWE-918: Server-Side Request Forgery (SSRF) •

CVSS: 9.8EPSS: 0%CPEs: 4EXPL: 0

IBM InfoSphere Information Server 11.5 and 11.7 is vulnerable to SQL injection. A remote attacker could send specially-crafted SQL statements, which could allow the attacker to view, add, modify or delete information in the back-end database. IBM X-Force ID: 154494. IBM InfoSphere Information Server versión 11.5 y versión 11.7 es vulnerable a la inyección SQL. Un atacante remoto podría enviar sentencias de SQL especialmente creadas, que podrían permitirle ver, agregar, modificar o eliminar información en la base de datos back-end. • https://exchange.xforce.ibmcloud.com/vulnerabilities/154494 https://www.ibm.com/support/docview.wss?uid=ibm10793871 • CWE-89: Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') •