CVE-2015-7493 — Sensitive Information Exposure in Corporation Infosphere Information Server

CWE-200 — Sensitive Information Exposure3 documents3 sources

Severity

4.7MEDIUMNVD

EPSS

0.0%

top 90.93%

CISA KEV

Not in KEV

Exploit

No known exploits

Affected products

IBM Corporation Infosphere Information Server IBM Infosphere Information Server

Timeline

PublishedFeb 8

Latest updateMay 17

Description

IBM InfoSphere Information Server could allow a local user under special circumstances to execute commands during installation processes that could expose sensitive information.

CVSS vector

CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:N/A:NExploitability: 1.0 | Impact: 3.6

Affected Packages2 packages

▶NVDibm/infosphere_information_server5 versions+4

▶CVEListV5ibm_corporation/infosphere_information_server13 versions+12

Patches

Patch: www.ibm.com ↗Patch: www.ibm.com ↗

🔴Vulnerability Details

GHSA

GHSA-5564-mpgq-3gvv: IBM InfoSphere Information Server could allow a local user under special circumstances to execute commands during installation processes that could ex↗2022-05-17

▶

CVEList

CVE-2015-7493: IBM InfoSphere Information Server could allow a local user under special circumstances to execute commands during installation processes that could ex↗2017-02-08

▶