Ibm Infosphere Information Server On Cloud — known CVE vulnerabilities
Every CVE whose affected-product data names Ibm Infosphere Information Server On Cloud, ordered by CVSS severity, with EPSS exploit prediction and CISA KEV status.
CVEs (29)
CVE-2022-40752 — CVSS 9.8 (critical): IBM InfoSphere DataStage 11.7 is vulnerable to a command injection vulnerability due to improper neutralization of special elements. IBM…
CVE-2020-4305 — CVSS 8.8 (high): IBM InfoSphere Information Server 11.3, 11.5, and 11.7 could allow a remote attacker to execute arbitrary code on the system, caused by the…
CVE-2018-1701 — CVSS 8.5 (high): IBM InfoSphere Information Server 11.7 could allow an authenciated user under specialized conditions to inject commands into the…
CVE-2019-4185 — CVSS 8.3 (high): IBM InfoSphere Information Server 11.7.1 containers are vulnerable to privilege escalation due to an insecurely configured component. IBM…
CVE-2016-6059 — CVSS 8.1 (high): IBM InfoSphere Information Server is vulnerable to a denial of service, caused by an XML External Entity Injection (XXE) error when…
CVE-2022-22454 — CVSS 7.8 (high): IBM InfoSphere Information Server 11.7 could allow a locally authenticated attacker to execute arbitrary commands on the system by sending…
CVE-2018-1875 — CVSS 7.4 (high): IBM InfoSphere Information Governance Catalog 11.3, 11.5, and 11.7 could allow a remote attacker to conduct phishing attacks, using an open…
CVE-2018-1845 — CVSS 7.1 (high): IBM InfoSphere Information Server 11.3, 11.5, and 11.7 is vulnerable to a XML External Entity Injection (XXE) attack when processing XML…
CVE-2025-1499 — CVSS 6.5 (medium): IBM InfoSphere Information Server 11.7 stores credential information for database authentication in a cleartext parameter file that could…
CVE-2020-4286 — CVSS 6.5 (medium): IBM InfoSphere Information Server 11.3, 11.5, and 11.7 is vulnerable to cross-site request forgery which could allow an attacker to execute…
CVE-2022-22442 — CVSS 6.5 (medium): "IBM InfoSphere Information Server 11.7 could allow an authenticated user to access information restricted to users with elevated…
CVE-2018-1994 — CVSS 6.3 (medium): IBM InfoSphere Information Server 11.5 and 11.7 is vulnerable to SQL injection. A remote attacker could send specially-crafted SQL…
CVE-2018-1518 — CVSS 6.2 (medium): IBM InfoSphere Information Server 11.7 is affected by a weak password encryption vulnerability that could allow a local user to obtain…
CVE-2016-9000 — CVSS 6.1 (medium): IBM InfoSphere DataStage is vulnerable to cross-frame scripting, caused by insufficient HTML iframe protection. A remote attacker could…
CVE-2017-1321 — CVSS 6.1 (medium): IBM InfoSphere Information Server 9.1, 11.3, and 11.5 is vulnerable to cross-site scripting. This vulnerability allows users to embed…
CVE-2016-5984 — CVSS 6.1 (medium): IBM InfoSphere Information Server is vulnerable to cross-frame scripting, caused by insufficient HTML iframe protection. A remote attacker…
CVE-2024-40689 — CVSS 6.0 (medium): IBM InfoSphere Information Server 11.7 is vulnerable to SQL injection. A remote attacker could send specially crafted SQL statements, which…
CVE-2019-4220 — CVSS 5.5 (medium): IBM InfoSphere Information Server 11.7.1.0 stores a common hard coded encryption key that could be used to decrypt sensitive information…
CVE-2018-1895 — CVSS 5.4 (medium): IBM InfoSphere Information Server 11.3, 11.5, and 11.7 is vulnerable to cross-site scripting. This vulnerability allows users to embed…
CVE-2016-8999 — CVSS 5.4 (medium): IBM InfoSphere Information Server contains a Path-relative stylesheet import vulnerability that allows attackers to render a page in quirks…
CVE-2019-4237 — CVSS 5.4 (medium): A Cross-Frame Scripting vulnerability in IBM InfoSphere Information Server 11.3, 11.5, and 11.7 can allow an attacker to load the…
CVE-2020-4384 — CVSS 5.4 (medium): IBM InfoSphere Information Server 11.3, 11.5, and 11.7 is vulnerable to cross-site scripting. This vulnerability allows users to embed…
CVE-2020-4298 — CVSS 5.4 (medium): IBM InfoSphere Information Server 11.3, 11.5, and 11.7 is vulnerable to cross-site scripting. This vulnerability allows users to embed…
CVE-2019-4238 — CVSS 5.4 (medium): IBM InfoSphere Information Server 11.3, 11.5, and 11.7 is vulnerable to cross-site scripting. This vulnerability allows users to embed…
CVE-2018-1899 — CVSS 4.3 (medium): IBM InfoSphere Information Server 11.3, 11.5, and 11.7 could allow an attacker to change one of the settings related to InfoSphere Business…
CVE-2019-4257 — CVSS 4.3 (medium): IBM InfoSphere Information Server 11.5 and 11.7 is affected by an information disclosure vulnerability. Sensitive information in an error…
CVE-2025-1138 — CVSS 4.3 (medium): IBM InfoSphere Information Server 11.7 could disclose sensitive information to an authenticated user that could aid in further attacks…
CVE-2018-1906 — CVSS 4.3 (medium): IBM InfoSphere Information Server 11.3, 11.5, and 11.7could allow an authenticated user to download code using a specially crafted HTTP…
CVE-2018-1917 — CVSS 3.5 (low): IBM InfoSphere Information Server 11.3, 11.5, and 11.7 could allow an authenticated user to access JSP files and disclose sensitive…