Vulnerabilities (CVE)

Join the Common Vulnerabilities and Exposures (CVE) community and start to get notified about new vulnerabilities.

Filtered by vendor Ibm Subscribe
Filtered by product Infosphere Information Governance Catalog
Total 6 CVE
CVE Vendors Products Updated CVSS v2 CVSS v3
CVE-2019-4257 1 Ibm 3 Infosphere Information Analyzer, Infosphere Information Governance Catalog, Infosphere Information Server On Cloud 2023-02-03 4.0 MEDIUM 4.3 MEDIUM
IBM InfoSphere Information Server 11.5 and 11.7 is affected by an information disclosure vulnerability. Sensitive information in an error message may be used to conduct further attacks against the system. IBM X-Force ID: 159945.
CVE-2019-4237 1 Ibm 3 Infosphere Information Governance Catalog, Infosphere Information Server, Infosphere Information Server On Cloud 2022-12-02 3.5 LOW 5.4 MEDIUM
A Cross-Frame Scripting vulnerability in IBM InfoSphere Information Server 11.3, 11.5, and 11.7 can allow an attacker to load the vulnerable application inside an HTML iframe tag on a malicious page. IBM X-Force ID: 159419.
CVE-2018-1875 1 Ibm 2 Infosphere Information Governance Catalog, Infosphere Information Server On Cloud 2019-10-09 5.8 MEDIUM 6.1 MEDIUM
IBM InfoSphere Information Governance Catalog 11.3, 11.5, and 11.7 could allow a remote attacker to conduct phishing attacks, using an open redirect attack. By persuading a victim to visit a specially-crafted Web site, a remote attacker could exploit this vulnerability to spoof the URL displayed to redirect a user to a malicious Web site that would appear to be trusted. This could allow the attacker to obtain highly sensitive information or conduct further attacks against the victim. IBM X-Force ID: 151639.
CVE-2018-1899 1 Ibm 2 Infosphere Information Governance Catalog, Infosphere Information Server On Cloud 2019-10-09 3.3 LOW 4.3 MEDIUM
IBM InfoSphere Information Server 11.3, 11.5, and 11.7 could allow an attacker to change one of the settings related to InfoSphere Business Glossary Anywhere due to improper access control. IBM X-Force ID: 152528.
CVE-2018-1895 1 Ibm 2 Infosphere Information Governance Catalog, Infosphere Information Server On Cloud 2019-10-09 3.5 LOW 5.4 MEDIUM
IBM InfoSphere Information Server 11.3, 11.5, and 11.7 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: 152159.
CVE-2016-0280 1 Ibm 3 Information Server Framework, Infosphere Information Governance Catalog, Infosphere Information Server Business Glossary 2017-08-31 3.5 LOW 5.4 MEDIUM
Cross-site scripting (XSS) vulnerability in IBM Information Server Framework 8.5, Information Server Framework and InfoSphere Information Server Business Glossary 8.7 before FP2, Information Server Framework and InfoSphere Information Server Business Glossary 9.1 before 9.1.2.0, Information Server Framework and InfoSphere Information Governance Catalog 11.3 before 11.3.1.2, and Information Server Framework and InfoSphere Information Governance Catalog 11.5 before 11.5.0.1 allows remote authenticated users to inject arbitrary web script or HTML via a crafted URL.