Ibm Infosphere Information Server
145 CVEs affecting Ibm Infosphere Information Server. Latest disclosed: 2026-03-25. Critical: 1, High: 25.
| CVE | Severity | Score | Published | Summary |
|---|---|---|---|---|
CVE-2017-1383 | Critical | 9.1 | 2017-08-02 | IBM InfoSphere Information Server 9.1, 11.3, and 11.5 is vulnerable to a XML External Entity Injection (XXE) attack when processing XML data. A remote attacker… |
CVE-2025-36245 | High | 8.8 | 2025-09-29 | IBM InfoSphere 11.7.0.0 through 11.7.1.6 Information Server could allow an authenticated user to execute arbitrary commands with elevated privileges on the sys… |
CVE-2023-32336 | High | 8.8 | 2023-05-22 | IBM InfoSphere Information Server 11.7 is affected by a remote code execution vulnerability due to insecure deserialization in an RMI service. IBM X-Force ID… |
CVE-2018-1701 | High | 8.5 | 2019-02-15 | IBM InfoSphere Information Server 11.7 could allow an authenciated user under specialized conditions to inject commands into the installation process that woul… |
CVE-2024-51459 | High | 8.4 | 2025-03-19 | IBM InfoSphere Information Server 11.7 could allow a local user to execute privileged commands due to the improper handling of permissions. |
CVE-2017-1350 | High | 8.4 | 2018-06-05 | IBM InfoSphere Information Server 9.1, 11.3, 11.5, and 11.7 could allow a user to escalate their privileges to administrator due to improper access controls. I… |
CVE-2019-4185 | High | 8.3 | 2019-06-06 | IBM InfoSphere Information Server 11.7.1 containers are vulnerable to privilege escalation due to an insecurely configured component. IBM X-Force ID: 158975. |
CVE-2023-40363 | High | 8.1 | 2023-11-18 | IBM InfoSphere Information Server 11.7 could allow an authenticated user to change installation files due to incorrect file permission settings. IBM X-Force I… |
CVE-2020-4305 | High | 8.1 | 2020-07-09 | IBM InfoSphere Information Server 11.3, 11.5, and 11.7 could allow a remote attacker to execute arbitrary code on the system, caused by the deserialization of… |
CVE-2017-1467 | High | 8.1 | 2017-08-02 | A network layer security vulnerability in InfoSphere Information Server 9.1, 11.3, and 11.5 can lead to privilege escalation or unauthorized access. IBM X-Forc… |
CVE-2025-33003 | High | 7.8 | 2025-10-31 | IBM InfoSphere Information Server 11.7.0.0 through 11.7.1.6 could allow a non-root user to gain higher privileges/capabilities within the scope of a container… |
CVE-2017-1469 | High | 7.8 | 2017-08-14 | IBM InfoSphere Information Server 9.1, 11.3, and 11.5 could allow a local user to gain elevated privileges by placing arbitrary files in installation directori… |
CVE-2017-1468 | High | 7.8 | 2017-08-02 | IBM InfoSphere Information Server 9.1, 11.3, and 11.5 could allow a local user to gain elevated privileges by placing arbitrary files in installation directori… |
CVE-2025-0966 | High | 7.6 | 2025-06-25 | IBM InfoSphere Information Server 11.7 vulnerable to SQL injection. A remote attacker could send specially crafted SQL statements, which could allow the attack… |
CVE-2025-3221 | High | 7.5 | 2025-06-21 | IBM InfoSphere Information Server 11.7.0.0 through 11.7.1.6 could allow a remote attacker to cause a denial of service due to insufficient validation of incomi… |
CVE-2023-40699 | High | 7.5 | 2023-12-01 | IBM InfoSphere Information Server 11.7 could allow a remote attacker to cause a denial of service due to improper input validation. IBM X-Force ID: 265161… |
CVE-2023-24960 | High | 7.5 | 2023-02-17 | IBM InfoSphere Information Server 11.7 could allow a remote attacker to traverse directories on the system. An attacker could send a specially crafted URL requ… |
CVE-2020-4347 | High | 7.3 | 2020-04-16 | IBM InfoSphere Information Server 11.3, 11.5, and 11.7 could be subject to attacks based on privilege escalation due to inappropriate file permissions for file… |
CVE-2024-28798 | High | 7.2 | 2024-06-30 | IBM InfoSphere Information Server 11.7 is vulnerable to stored cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the… |
CVE-2025-36258 | High | 7.1 | 2026-03-25 | IBM InfoSphere Information Server 11.7.0.0 through 11.7.1.6 product stores user credentials and other sensitive information in plain text which can be read by… |