IBM Infosphere Information Server On Cloud
Don't miss out!
Thousands of developers use stack.watch to stay informed.Get an email whenever new security vulnerabilities are reported in IBM Infosphere Information Server On Cloud.
By the Year
In 2026 there have been 0 vulnerabilities in IBM Infosphere Information Server On Cloud. Last year, in 2025 Infosphere Information Server On Cloud had 2 security vulnerabilities published. Right now, Infosphere Information Server On Cloud is on track to have less security vulnerabilities in 2026 than it did last year.
| Year | Vulnerabilities | Average Score |
|---|---|---|
| 2026 | 0 | 0.00 |
| 2025 | 2 | 5.40 |
| 2024 | 1 | 9.80 |
| 2023 | 0 | 0.00 |
| 2022 | 2 | 8.15 |
| 2021 | 0 | 0.00 |
| 2020 | 3 | 5.77 |
| 2019 | 13 | 5.78 |
| 2018 | 1 | 0.00 |
It may take a day or so for new Infosphere Information Server On Cloud vulnerabilities to show up in the stats or in the list of recent security vulnerabilities. Additionally vulnerabilities may be tagged under a different product or component name.
Recent IBM Infosphere Information Server On Cloud Security Vulnerabilities
InfoSphere InfoSrv 11.7 Credential Storage in Cleartext Param File
CVE-2025-1499
6.5 - Medium
- June 01, 2025
IBM InfoSphere Information Server 11.7 stores credential information for database authentication in a cleartext parameter file that could be viewed by an authenticated user.
Cleartext Storage of Sensitive Information
IBM InfoSphere InfoServer 11.7 Authenticated Directory Listing Disclosure
CVE-2025-1138
4.3 - Medium
- May 15, 2025
IBM InfoSphere Information Server 11.7 could disclose sensitive information to an authenticated user that could aid in further attacks against the system through a directory listing.
Exposure of Information Through Directory Listing
IBM InfoSphere Info Server 11.7 SQL Injection Vulnerability
CVE-2024-40689
9.8 - Critical
- July 26, 2024
IBM InfoSphere Information Server 11.7 is vulnerable to SQL injection. A remote attacker could send specially crafted SQL statements, which could allow the attacker to view, add, modify, or delete information in the back-end database. IBM X-Force ID: 297719.
SQL Injection
IBM InfoSphere DataStage 11.7 Cmd Injection via Improper Input Neutralization
CVE-2022-40752
9.8 - Critical
- November 16, 2022
IBM InfoSphere DataStage 11.7 is vulnerable to a command injection vulnerability due to improper neutralization of special elements. IBM X-Force ID: 236687.
Command Injection
IBM InfoSphere InfoServer 11.7 Access Control Bypass
CVE-2022-22442
6.5 - Medium
- November 03, 2022
"IBM InfoSphere Information Server 11.7 could allow an authenticated user to access information restricted to users with elevated privileges due to improper access controls. IBM X-Force ID: 224427."
IBM InfoSphere Information Server 11.3, 11.5, and 11.7 is vulnerable to cross-site scripting
CVE-2020-4298
5.4 - Medium
- May 19, 2020
IBM InfoSphere Information Server 11.3, 11.5, and 11.7 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: 176475.
XSS
IBM InfoSphere Information Server 11.3, 11.5, and 11.7 is vulnerable to cross-site request forgery which could allow an attacker to execute malicious and unauthorized actions transmitted from a user
CVE-2020-4286
6.5 - Medium
- May 19, 2020
IBM InfoSphere Information Server 11.3, 11.5, and 11.7 is vulnerable to cross-site request forgery which could allow an attacker to execute malicious and unauthorized actions transmitted from a user that the website trusts. IBM X-Force ID: 176268.
Session Riding
IBM InfoSphere Information Server 11.3, 11.5, and 11.7 is vulnerable to cross-site scripting
CVE-2020-4384
5.4 - Medium
- May 06, 2020
IBM InfoSphere Information Server 11.3, 11.5, and 11.7 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: 179265.
XSS
A Cross-Frame Scripting vulnerability in IBM InfoSphere Information Server 11.3, 11.5, and 11.7 can
CVE-2019-4237
5.4 - Medium
- July 01, 2019
A Cross-Frame Scripting vulnerability in IBM InfoSphere Information Server 11.3, 11.5, and 11.7 can allow an attacker to load the vulnerable application inside an HTML iframe tag on a malicious page. IBM X-Force ID: 159419.
XSS
IBM InfoSphere Information Server 11.3
CVE-2018-1845
- June 17, 2019
IBM InfoSphere Information Server 11.3, 11.5, and 11.7 is vulnerable to a XML External Entity Injection (XXE) attack when processing XML data. A remote attacker could exploit this vulnerability to expose sensitive information or consume memory resources. IBM X-Force ID: 150905.
IBM InfoSphere Information Server 11.5 and 11.7 is affected by an information disclosure vulnerability
CVE-2019-4257
4.3 - Medium
- June 06, 2019
IBM InfoSphere Information Server 11.5 and 11.7 is affected by an information disclosure vulnerability. Sensitive information in an error message may be used to conduct further attacks against the system. IBM X-Force ID: 159945.
Generation of Error Message Containing Sensitive Information
IBM InfoSphere Information Server 11.7.1 containers are vulnerable to privilege escalation due to an insecurely configured component
CVE-2019-4185
8.3 - High
- June 06, 2019
IBM InfoSphere Information Server 11.7.1 containers are vulnerable to privilege escalation due to an insecurely configured component. IBM X-Force ID: 158975.
IBM InfoSphere Information Server 11.7.1.0 stores a common hard coded encryption key that could be used to decrypt sensitive information
CVE-2019-4220
5.5 - Medium
- June 06, 2019
IBM InfoSphere Information Server 11.7.1.0 stores a common hard coded encryption key that could be used to decrypt sensitive information. IBM X-Force ID: 159229.
Use of Hard-coded Credentials
IBM InfoSphere Information Server 11.3, 11.5, and 11.7 is vulnerable to cross-site scripting
CVE-2019-4238
5.4 - Medium
- April 25, 2019
IBM InfoSphere Information Server 11.3, 11.5, and 11.7 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: 159464.
XSS
IBM InfoSphere Information Server 11.5 and 11.7 is vulnerable to SQL injection
CVE-2018-1994
- April 10, 2019
IBM InfoSphere Information Server 11.5 and 11.7 is vulnerable to SQL injection. A remote attacker could send specially-crafted SQL statements, which could allow the attacker to view, add, modify or delete information in the back-end database. IBM X-Force ID: 154494.
IBM InfoSphere Information Server 11.3, 11.5, and 11.7 could
CVE-2018-1917
- April 02, 2019
IBM InfoSphere Information Server 11.3, 11.5, and 11.7 could allow an authenticated user to access JSP files and disclose sensitive information. IBM X-Force ID: 152784.
IBM InfoSphere Information Server 11.3, 11.5, and 11.7could
CVE-2018-1906
- April 02, 2019
IBM InfoSphere Information Server 11.3, 11.5, and 11.7could allow an authenticated user to download code using a specially crafted HTTP request. IBM X-Force ID: 152663.
IBM InfoSphere Information Server 11.3, 11.5, and 11.7 could
CVE-2018-1899
- March 05, 2019
IBM InfoSphere Information Server 11.3, 11.5, and 11.7 could allow an attacker to change one of the settings related to InfoSphere Business Glossary Anywhere due to improper access control. IBM X-Force ID: 152528.
IBM InfoSphere Information Governance Catalog 11.3, 11.5, and 11.7 could
CVE-2018-1875
- March 05, 2019
IBM InfoSphere Information Governance Catalog 11.3, 11.5, and 11.7 could allow a remote attacker to conduct phishing attacks, using an open redirect attack. By persuading a victim to visit a specially-crafted Web site, a remote attacker could exploit this vulnerability to spoof the URL displayed to redirect a user to a malicious Web site that would appear to be trusted. This could allow the attacker to obtain highly sensitive information or conduct further attacks against the victim. IBM X-Force ID: 151639.
IBM InfoSphere Information Server 11.3, 11.5, and 11.7 is vulnerable to cross-site scripting
CVE-2018-1895
- February 15, 2019
IBM InfoSphere Information Server 11.3, 11.5, and 11.7 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: 152159.
IBM InfoSphere Information Server 11.7 could allow an authenciated user under specialized conditions to inject commands into the installation process
CVE-2018-1701
- February 15, 2019
IBM InfoSphere Information Server 11.7 could allow an authenciated user under specialized conditions to inject commands into the installation process that would execute on the WebSphere Application Server. IBM X-Force ID: 145970.
IBM InfoSphere Information Server 11.7 is affected by a weak password encryption vulnerability
CVE-2018-1518
- October 18, 2018
IBM InfoSphere Information Server 11.7 is affected by a weak password encryption vulnerability that could allow a local user to obtain highly sensitive information. IBM X-Force ID: 141682.
Stay on top of Security Vulnerabilities
Want an email whenever new vulnerabilities are published for IBM Infosphere Information Server On Cloud or by IBM? Click the Watch button to subscribe.
