Vulnerabilities (CVE)

  1. OpenCVE
  2. Vulnerabilities (CVE)
Filtered by vendor Ibm Subscribe
Filtered by product Infosphere Information Server

CVSS v3 Filter

ALL
NONE (0.0) LOW (0.1 - 3.9) MEDIUM (4.0 - 6.9) HIGH (7.0 - 8.9) CRITICAL (9.0 - 10.0)

Search

Total 6 CVE
CVE Vendors Products Updated CVSS v2 CVSS v3
CVE-2022-40752 3 Ibm, Linux, Microsoft 5 Aix, Infosphere Information Server, Infosphere Information Server On Cloud and 2 more 2023-11-18 N/A 9.8 CRITICAL
IBM InfoSphere DataStage 11.7 is vulnerable to a command injection vulnerability due to improper neutralization of special elements. IBM X-Force ID:  236687.
CVE-2022-31768 1 Ibm 1 Infosphere Information Server 2022-06-14 7.5 HIGH 9.8 CRITICAL
IBM InfoSphere Information Server 11.7 is vulnerable to SQL injection. A remote attacker could send specially crafted SQL statements, which could allow the attacker to view, add, modify or delete information in the back-end database.
CVE-2021-38948 3 Ibm, Linux, Microsoft 4 Aix, Infosphere Information Server, Linux Kernel and 1 more 2021-11-03 6.4 MEDIUM 9.1 CRITICAL
IBM InfoSphere Information Server 11.7 is vulnerable to an XML External Entity Injection (XXE) attack when processing XML data. A remote attacker could exploit this vulnerability to expose sensitive information or consume memory resources. IBM X-Force ID: 211402.
CVE-2020-27583 1 Ibm 1 Infosphere Information Server 2021-02-02 7.5 HIGH 9.8 CRITICAL
** UNSUPPORTED WHEN ASSIGNED ** IBM InfoSphere Information Server 8.5.0.0 is affected by deserialization of untrusted data which could allow remote unauthenticated attackers to execute arbitrary code. NOTE: This vulnerability only affects products that are no longer supported by the maintainer.
CVE-2018-1727 1 Ibm 1 Infosphere Information Server 2019-10-09 6.4 MEDIUM 9.1 CRITICAL
IBM InfoSphere Information Server 9.1, 11.3, 11.5, and 11.7 is vulnerable to a XML External Entity Injection (XXE) attack when processing XML data. A remote attacker could exploit this vulnerability to expose sensitive information or consume memory resources. IBM X-Force ID: 147630.
CVE-2017-1383 1 Ibm 2 Infosphere Information Server, Softlayer 2017-08-04 6.4 MEDIUM 9.1 CRITICAL
IBM InfoSphere Information Server 9.1, 11.3, and 11.5 is vulnerable to a XML External Entity Injection (XXE) attack when processing XML data. A remote attacker could exploit this vulnerability to expose sensitive information or consume memory resources. IBM X-Force ID: 127155.