Infosphere Information Server On Cloud

infosphere_information_server_on_cloud

Vendor: Ibm • 29 CVEs

CVEs (29)

CVE VENDORS PRODUCTS UPDATED PUBLISHED CVSS
CVE-2025-1499 1Ibm 2Infosphere Information Server Infosphere Information Server On Cloud Jun 9, 2025 Jun 1, 2025 N/A· v4 6.5 MEDIUM· v3 N/A· v2 IBM InfoSphere Information Server 11.7 stores credential information for database authentication in a cleartext parameter file that could be viewed by an authenticated user.
CVE-2025-1138 1Ibm 2Infosphere Information Server Infosphere Information Server On Cloud Jun 4, 2025 May 15, 2025 N/A· v4 4.3 MEDIUM· v3 N/A· v2 IBM InfoSphere Information Server 11.7 could disclose sensitive information to an authenticated user that could aid in further attacks against the system through a directory listing.
CVE-2024-40689 1Ibm 2Infosphere Information Server Infosphere Information Server On Cloud Nov 21, 2024 Jul 26, 2024 N/A· v4 9.8 CRITICAL· v3 N/A· v2 IBM InfoSphere Information Server 11.7 is vulnerable to SQL injection. A remote attacker could send specially crafted SQL statements, which could allow the attacker to view, add, modify, or delete information in the back...Show more IBM InfoSphere Information Server 11.7 is vulnerable to SQL injection. A remote attacker could send specially crafted SQL statements, which could allow the attacker to view, add, modify, or delete information in the back-end database. IBM X-Force ID: 297719.Show less
CVE-2022-40752 1Ibm 2Infosphere Information Server Infosphere Information Server On Cloud Jul 23, 2025 Nov 16, 2022 N/A· v4 9.8 CRITICAL· v3 N/A· v2 IBM InfoSphere DataStage 11.7 is vulnerable to a command injection vulnerability due to improper neutralization of special elements. IBM X-Force ID: 236687.
CVE-2022-22442 1Ibm 2Infosphere Information Server Infosphere Information Server On Cloud May 5, 2025 Nov 3, 2022 N/A· v4 6.5 MEDIUM· v3 N/A· v2 "IBM InfoSphere Information Server 11.7 could allow an authenticated user to access information restricted to users with elevated privileges due to improper access controls. IBM X-Force ID: 224427."
CVE-2022-22454 1Ibm 1Infosphere Information Server On Cloud Nov 21, 2024 May 10, 2022 N/A· v4 7.8 HIGH· v3 7.2 HIGH· v2 IBM InfoSphere Information Server 11.7 could allow a locally authenticated attacker to execute arbitrary commands on the system by sending a specially crafted request.
CVE-2020-4305 1Ibm 2Infosphere Information Server Infosphere Information Server On Cloud Nov 21, 2024 Jul 9, 2020 N/A· v4 8.8 HIGH· v3 9.3 HIGH· v2 IBM InfoSphere Information Server 11.3, 11.5, and 11.7 could allow a remote attacker to execute arbitrary code on the system, caused by the deserialization of untrusted data. By persuading a victim to visit a specially c...Show more IBM InfoSphere Information Server 11.3, 11.5, and 11.7 could allow a remote attacker to execute arbitrary code on the system, caused by the deserialization of untrusted data. By persuading a victim to visit a specially crafted Web site, an attacker could exploit this vulnerability to execute arbitrary code on the system. IBM X-Force ID: 176677.Show less
CVE-2020-4298 1Ibm 2Infosphere Information Server Infosphere Information Server On Cloud Nov 21, 2024 May 19, 2020 N/A· v4 5.4 MEDIUM· v3 3.5 LOW· v2 IBM InfoSphere Information Server 11.3, 11.5, and 11.7 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality pote...Show more IBM InfoSphere Information Server 11.3, 11.5, and 11.7 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: 176475.Show less
CVE-2020-4286 1Ibm 2Infosphere Information Server Infosphere Information Server On Cloud Nov 21, 2024 May 19, 2020 N/A· v4 6.5 MEDIUM· v3 4.3 MEDIUM· v2 IBM InfoSphere Information Server 11.3, 11.5, and 11.7 is vulnerable to cross-site request forgery which could allow an attacker to execute malicious and unauthorized actions transmitted from a user that the website trus...Show more IBM InfoSphere Information Server 11.3, 11.5, and 11.7 is vulnerable to cross-site request forgery which could allow an attacker to execute malicious and unauthorized actions transmitted from a user that the website trusts. IBM X-Force ID: 176268.Show less
CVE-2020-4384 1Ibm 2Infosphere Information Server On Cloud Infosphere Qualitystage Nov 21, 2024 May 6, 2020 N/A· v4 5.4 MEDIUM· v3 3.5 LOW· v2 IBM InfoSphere Information Server 11.3, 11.5, and 11.7 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality pote...Show more IBM InfoSphere Information Server 11.3, 11.5, and 11.7 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: 179265.Show less
CVE-2019-4237 1Ibm 3Infosphere Information Governance Catalog Infosphere Information ServerInfosphere Information Server On Cloud Nov 21, 2024 Jul 1, 2019 N/A· v4 5.4 MEDIUM· v3 3.5 LOW· v2 A Cross-Frame Scripting vulnerability in IBM InfoSphere Information Server 11.3, 11.5, and 11.7 can allow an attacker to load the vulnerable application inside an HTML iframe tag on a malicious page. IBM X-Force ID: 1594...Show more A Cross-Frame Scripting vulnerability in IBM InfoSphere Information Server 11.3, 11.5, and 11.7 can allow an attacker to load the vulnerable application inside an HTML iframe tag on a malicious page. IBM X-Force ID: 159419.Show less
CVE-2018-1845 1Ibm 5Infosphere Governance Catalog Infosphere Information ServerInfosphere Information Server Business Glossary+2 more Nov 21, 2024 Jun 17, 2019 N/A· v4 7.1 HIGH· v3 5.5 MEDIUM· v2 IBM InfoSphere Information Server 11.3, 11.5, and 11.7 is vulnerable to a XML External Entity Injection (XXE) attack when processing XML data. A remote attacker could exploit this vulnerability to expose sensitive inform...Show more IBM InfoSphere Information Server 11.3, 11.5, and 11.7 is vulnerable to a XML External Entity Injection (XXE) attack when processing XML data. A remote attacker could exploit this vulnerability to expose sensitive information or consume memory resources. IBM X-Force ID: 150905.Show less
CVE-2019-4257 1Ibm 3Infosphere Information Analyzer Infosphere Information Governance CatalogInfosphere Information Server On Cloud Nov 21, 2024 Jun 6, 2019 N/A· v4 4.3 MEDIUM· v3 4.0 MEDIUM· v2 IBM InfoSphere Information Server 11.5 and 11.7 is affected by an information disclosure vulnerability. Sensitive information in an error message may be used to conduct further attacks against the system. IBM X-Force ID:...Show more IBM InfoSphere Information Server 11.5 and 11.7 is affected by an information disclosure vulnerability. Sensitive information in an error message may be used to conduct further attacks against the system. IBM X-Force ID: 159945.Show less
CVE-2019-4220 1Ibm 2Infosphere Information Server On Cloud Watson Knowledge Catalog Nov 21, 2024 Jun 6, 2019 N/A· v4 5.5 MEDIUM· v3 2.1 LOW· v2 IBM InfoSphere Information Server 11.7.1.0 stores a common hard coded encryption key that could be used to decrypt sensitive information. IBM X-Force ID: 159229.
CVE-2019-4185 1Ibm 2Infosphere Information Server Infosphere Information Server On Cloud Nov 21, 2024 Jun 6, 2019 N/A· v4 8.3 HIGH· v3 5.4 MEDIUM· v2 IBM InfoSphere Information Server 11.7.1 containers are vulnerable to privilege escalation due to an insecurely configured component. IBM X-Force ID: 158975.
CVE-2019-4238 1Ibm 2Infosphere Information Server Infosphere Information Server On Cloud Nov 21, 2024 Apr 25, 2019 N/A· v4 5.4 MEDIUM· v3 3.5 LOW· v2 IBM InfoSphere Information Server 11.3, 11.5, and 11.7 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality pote...Show more IBM InfoSphere Information Server 11.3, 11.5, and 11.7 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: 159464.Show less
CVE-2018-1994 1Ibm 2Infosphere Information Server On Cloud Infosphere Metadata Asset Manager Nov 21, 2024 Apr 10, 2019 N/A· v4 9.8 CRITICAL· v3 7.5 HIGH· v2 IBM InfoSphere Information Server 11.5 and 11.7 is vulnerable to SQL injection. A remote attacker could send specially-crafted SQL statements, which could allow the attacker to view, add, modify or delete information in...Show more IBM InfoSphere Information Server 11.5 and 11.7 is vulnerable to SQL injection. A remote attacker could send specially-crafted SQL statements, which could allow the attacker to view, add, modify or delete information in the back-end database. IBM X-Force ID: 154494.Show less
CVE-2018-1917 1Ibm 2Infosphere Information Server Infosphere Information Server On Cloud Nov 21, 2024 Apr 2, 2019 N/A· v4 6.5 MEDIUM· v3 4.0 MEDIUM· v2 IBM InfoSphere Information Server 11.3, 11.5, and 11.7 could allow an authenticated user to access JSP files and disclose sensitive information. IBM X-Force ID: 152784.
CVE-2018-1906 1Ibm 2Infosphere Information Server Infosphere Information Server On Cloud Nov 21, 2024 Apr 2, 2019 N/A· v4 6.5 MEDIUM· v3 4.0 MEDIUM· v2 IBM InfoSphere Information Server 11.3, 11.5, and 11.7could allow an authenticated user to download code using a specially crafted HTTP request. IBM X-Force ID: 152663.
CVE-2018-1899 1Ibm 2Infosphere Information Governance Catalog Infosphere Information Server On Cloud Nov 21, 2024 Mar 5, 2019 N/A· v4 4.3 MEDIUM· v3 3.3 LOW· v2 IBM InfoSphere Information Server 11.3, 11.5, and 11.7 could allow an attacker to change one of the settings related to InfoSphere Business Glossary Anywhere due to improper access control. IBM X-Force ID: 152528.

12 Next