CVE-2022-35715

Published: Aug 10, 2022Modified: Oct 20, 2025

7.5

Vector

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N

Exploitability: 3.9 / Impact: 3.6

Source: NVD

Description

IBM InfoSphere Information Server 11.7 could allow a remote attacker to obtain sensitive information when a detailed technical error message is returned in a stack trace. This information could be used in further attacks against the system. IBM X-Force ID: 231202.

Affected (1)

Products: Ibm: Infosphere Information Server

1 product

Infosphere Information Server

Configuration A

1 vulnerable · 3 platform

Vulnerable Software	Affected Versions
Ibm Infosphere Information Server	Version 11.7

Running on/with	Platform Versions
Ibm Aix	All versions
Linux Linux Kernel	All versions
Microsoft Windows	All versions

Related CWEs

Exposure of Sensitive Information to an Unauthorized Actor

The product exposes sensitive information to an actor that is not explicitly authorized to have access to that information.

Generation of Error Message Containing Sensitive Information

The product generates an error message that includes sensitive information about its environment, users, or associated data.

References (4)

https://exchange.xforce.ibmcloud.com/vulnerabilities/231202

Source: psirt@us.ibm.com

VDB EntryVendor Advisory

https://www.ibm.com/support/pages/node/6610883

Source: psirt@us.ibm.com

Vendor Advisory

https://exchange.xforce.ibmcloud.com/vulnerabilities/231202

Source: af854a3a-2127-422b-91ae-364da2661108

VDB EntryVendor Advisory

https://www.ibm.com/support/pages/node/6610883

Source: af854a3a-2127-422b-91ae-364da2661108

Vendor Advisory

Timeline

No history available yet.