Ibm Infosphere_information_server
40 CVEs affecting Ibm Infosphere_information_server. Latest disclosed: 2017-08-14. Critical: 1, High: 4.
| CVE | Severity | Score | Published | Summary |
|---|---|---|---|---|
CVE-2017-1383 | Critical | 9.1 | 2017-08-02 | IBM InfoSphere Information Server 9.1, 11.3, and 11.5 is vulnerable to a XML External Entity Injection (XXE) attack when processing XML data. A remote attacker… |
CVE-2017-1467 | High | 8.1 | 2017-08-02 | A network layer security vulnerability in InfoSphere Information Server 9.1, 11.3, and 11.5 can lead to privilege escalation or unauthorized access. IBM X-Forc… |
CVE-2016-6059 | High | 8.1 | 2017-02-01 | IBM InfoSphere Information Server is vulnerable to a denial of service, caused by an XML External Entity Injection (XXE) error when processing XML data. A remo… |
CVE-2017-1469 | High | 7.8 | 2017-08-14 | IBM InfoSphere Information Server 9.1, 11.3, and 11.5 could allow a local user to gain elevated privileges by placing arbitrary files in installation directori… |
CVE-2017-1468 | High | 7.8 | 2017-08-02 | IBM InfoSphere Information Server 9.1, 11.3, and 11.5 could allow a local user to gain elevated privileges by placing arbitrary files in installation directori… |
CVE-2016-5994 | Medium | 6.5 | 2017-02-01 | IBM InfoSphere Information Server contains a vulnerability that would allow an authenticated user to browse any file on the engine tier, and examine its conten… |
CVE-2017-1321 | Medium | 6.1 | 2017-07-12 | IBM InfoSphere Information Server 9.1, 11.3, and 11.5 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code… |
CVE-2016-5984 | Medium | 6.1 | 2017-02-01 | IBM InfoSphere Information Server is vulnerable to cross-frame scripting, caused by insufficient HTML iframe protection. A remote attacker could exploit this v… |
CVE-2016-8999 | Medium | 5.4 | 2017-02-01 | IBM InfoSphere Information Server contains a Path-relative stylesheet import vulnerability that allows attackers to render a page in quirks mode thereby facili… |
CVE-2017-1495 | Medium | 4.9 | 2017-08-02 | IBM InfoSphere Information Server 9.1, 11.3, and 11.5 could allow a privileged user to cause a memory dump that could contain highly sensitive information incl… |
CVE-2015-7493 | Medium | 4.7 | 2017-02-08 | IBM InfoSphere Information Server could allow a local user under special circumstances to execute commands during installation processes that could expose sens… |
CVE-2015-7490 | Low | 3.1 | 2016-03-03 | IBM InfoSphere Information Server 8.5 through FP3, 8.7 through FP2, 9.1 through 9.1.2.0, 11.3 through 11.3.1.2, and 11.5 allows remote authenticated users to b… |
CVE-2015-5021 | | 2015-11-04 | IBM InfoSphere Information Server 11.3 and 11.5 allows remote authenticated DataStage users to bypass intended job-execution restrictions or obtain sensitive i… | |
CVE-2015-1901 | | 2015-06-28 | The installer in IBM InfoSphere Information Server 8.5 through 11.3 before 11.3.1.2 allows local users to obtain sensitive information via unspecified commands. | |
CVE-2015-0180 | | 2015-05-25 | The Connector Migration Tool in IBM InfoSphere Information Server 8.1 through 11.3 allows remote authenticated users to bypass intended restrictions on job cre… | |
CVE-2014-3071 | | 2014-07-26 | Cross-site scripting (XSS) vulnerability in the Data Quality Console in IBM InfoSphere Information Server 11.3 allows remote attackers to inject arbitrary web… | |
CVE-2013-4059 | | 2014-03-16 | Multiple cross-site scripting (XSS) vulnerabilities in IBM InfoSphere Information Server 8.x through 8.5 FP3, 8.7.x through 8.7 FP2, and 9.1.x through 9.1.2.0… | |
CVE-2013-4058 | | 2014-03-16 | Multiple SQL injection vulnerabilities in IBM InfoSphere Information Server 8.x through 8.5 FP3, 8.7.x through 8.7 FP2, and 9.1.x through 9.1.2.0 allow remote… | |
CVE-2013-4057 | | 2014-03-16 | Cross-site request forgery (CSRF) vulnerability in the XML Pack in IBM InfoSphere Information Server 8.5.x through 8.5 FP3, 8.7.x through 8.7 FP2, and 9.1.x th… | |
CVE-2013-5440 | | 2013-12-18 | IBM InfoSphere Information Server 8.0, 8.1, 8.5, 8.7, and 9.1 allows local users to obtain sensitive information in opportunistic circumstances by leveraging t… |