CVE-2025-3221

Published: Jun 21, 2025Modified: Jul 8, 2025

7.5

Vector

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

Exploitability: 3.9 / Impact: 3.6

Source: psirt@us.ibm.com (Secondary)

Description

IBM InfoSphere Information Server 11.7.0.0 through 11.7.1.6 could allow a remote attacker to cause a denial of service due to insufficient validation of incoming request resources.

Affected (1)

Products: Ibm: Infosphere Information Server

Ibm

1 product

Infosphere Information Server

Configuration A

1 vulnerable · 3 platform

Vulnerable Software	Affected Versions
Ibm Infosphere Information Server	From 11.7 to 11.7.1.6

Running on/with	Platform Versions
Ibm Aix	All versions
Linux Linux Kernel	All versions
Microsoft Windows	All versions

Related CWEs

CWE-770

Allocation of Resources Without Limits or Throttling

The product allocates a reusable resource or group of resources on behalf of an actor without imposing any restrictions on the size or number of resources that can be allocated, in violation of the intended security policy for that actor.

References (1)

https://www.ibm.com/support/pages/node/7235496

Source: psirt@us.ibm.com

Vendor Advisory

Timeline

No history available yet.