threat
engine
.sh
Back
·
··:··
Home
/
Product
/
ibm infosphere information server on cloud
Product
ibm infosphere information server on cloud
29 known vulnerabilities across versions
Vulnerabilities are listed by affected version. Select any CVE for the full briefing and its intelligence graph.
Sort
Newest first
Oldest first
Highest CVSS
Lowest CVSS
Min CVSS
Any
4.0+
7.0+ (High)
9.0+ (Critical)
Published since
Reset
CVE-2025-1499
all versions
IBM InfoSphere Information Server 11.7 stores credential information for database authentication in a cleartext parameter file tha
6.5
MEDIUM
CVE-2025-1138
all versions
IBM InfoSphere Information Server 11.7 could disclose sensitive information to an authenticated user that could aid in further att
4.3
MEDIUM
CVE-2024-40689
all versions
IBM InfoSphere Information Server 11.7 is vulnerable to SQL injection. A remote attacker could send specially crafted SQL statemen
6.0
MEDIUM
CVE-2022-40752
all versions
IBM InfoSphere DataStage 11.7 is vulnerable to a command injection vulnerability due to improper neutralization of special element
9.8
CRITICAL
CVE-2022-22442
all versions
"IBM InfoSphere Information Server 11.7 could allow an authenticated user to access information restricted to users with elevated
6.5
MEDIUM
CVE-2022-22454
all versions
IBM InfoSphere Information Server 11.7 could allow a locally authenticated attacker to execute arbitrary commands on the system by
7.8
HIGH
CVE-2020-4305
>= 11.7.0.0 and <= 11.7.1.1
IBM InfoSphere Information Server 11.3, 11.5, and 11.7 could allow a remote attacker to execute arbitrary code on the system, caus
8.8
HIGH
CVE-2020-4298
all versions
IBM InfoSphere Information Server 11.3, 11.5, and 11.7 is vulnerable to cross-site scripting. This vulnerability allows users to e
5.4
MEDIUM
CVE-2020-4286
all versions
IBM InfoSphere Information Server 11.3, 11.5, and 11.7 is vulnerable to cross-site request forgery which could allow an attacker t
6.5
MEDIUM
CVE-2020-4384
all versions
IBM InfoSphere Information Server 11.3, 11.5, and 11.7 is vulnerable to cross-site scripting. This vulnerability allows users to e
5.4
MEDIUM
CVE-2019-4237
all versions
A Cross-Frame Scripting vulnerability in IBM InfoSphere Information Server 11.3, 11.5, and 11.7 can allow an attacker to load the
5.4
MEDIUM
CVE-2018-1845
all versions
IBM InfoSphere Information Server 11.3, 11.5, and 11.7 is vulnerable to a XML External Entity Injection (XXE) attack when processi
7.1
HIGH
CVE-2019-4257
all versions
IBM InfoSphere Information Server 11.5 and 11.7 is affected by an information disclosure vulnerability. Sensitive information in a
4.3
MEDIUM
CVE-2019-4220
all versions
IBM InfoSphere Information Server 11.7.1.0 stores a common hard coded encryption key that could be used to decrypt sensitive infor
5.5
MEDIUM
CVE-2019-4185
all versions
IBM InfoSphere Information Server 11.7.1 containers are vulnerable to privilege escalation due to an insecurely configured compone
8.3
HIGH
CVE-2019-4238
all versions
IBM InfoSphere Information Server 11.3, 11.5, and 11.7 is vulnerable to cross-site scripting. This vulnerability allows users to e
5.4
MEDIUM
CVE-2018-1994
all versions
IBM InfoSphere Information Server 11.5 and 11.7 is vulnerable to SQL injection. A remote attacker could send specially-crafted SQL
6.3
MEDIUM
CVE-2018-1917
all versions
IBM InfoSphere Information Server 11.3, 11.5, and 11.7 could allow an authenticated user to access JSP files and disclose sensitiv
3.5
LOW
CVE-2018-1906
all versions
IBM InfoSphere Information Server 11.3, 11.5, and 11.7could allow an authenticated user to download code using a specially crafted
4.3
MEDIUM
CVE-2018-1899
all versions
IBM InfoSphere Information Server 11.3, 11.5, and 11.7 could allow an attacker to change one of the settings related to InfoSphere
4.3
MEDIUM
CVE-2018-1875
all versions
IBM InfoSphere Information Governance Catalog 11.3, 11.5, and 11.7 could allow a remote attacker to conduct phishing attacks, usin
7.4
HIGH
CVE-2018-1895
all versions
IBM InfoSphere Information Server 11.3, 11.5, and 11.7 is vulnerable to cross-site scripting. This vulnerability allows users to e
5.4
MEDIUM
CVE-2018-1701
all versions
IBM InfoSphere Information Server 11.7 could allow an authenciated user under specialized conditions to inject commands into the i
8.5
HIGH
CVE-2018-1518
all versions
IBM InfoSphere Information Server 11.7 is affected by a weak password encryption vulnerability that could allow a local user to ob
6.2
MEDIUM
CVE-2017-1321
all versions
IBM InfoSphere Information Server 9.1, 11.3, and 11.5 is vulnerable to cross-site scripting. This vulnerability allows users to em
6.1
MEDIUM
CVE-2016-9000
all versions
IBM InfoSphere DataStage is vulnerable to cross-frame scripting, caused by insufficient HTML iframe protection. A remote attacker
6.1
MEDIUM
CVE-2016-8999
all versions
IBM InfoSphere Information Server contains a Path-relative stylesheet import vulnerability that allows attackers to render a page
5.4
MEDIUM
CVE-2016-6059
all versions
IBM InfoSphere Information Server is vulnerable to a denial of service, caused by an XML External Entity Injection (XXE) error whe
8.1
HIGH
CVE-2016-5984
all versions
IBM InfoSphere Information Server is vulnerable to cross-frame scripting, caused by insufficient HTML iframe protection. A remote
6.1
MEDIUM
Vulnerabilities
CISA KEV catalog
CWE weaknesses
CAPEC attack patterns
Package vulnerabilities
Threat intelligence
Threat actors
Tools & malware
ATT&CK techniques
IOCs
Detection & defense
Sigma rules
YARA rules
Atomic Red Team tests
D3FEND countermeasures
Compliance
NIST 800-53
ISO 27001:2022
SOC 2 TSC
PCI-DSS v4.0
CIS Controls v8.1
About
All capabilities
Live statistics
Data sources
Privacy policy
Terms of service
threatengine.sh · Open-source threat intelligence platform · 100+ authoritative sources · Every fact traces to its origin