CVE-2025-36422
published 2026-03-25CVE-2025-36422: IBM InfoSphere Information Server 11.7.0.0 through 11.7.1.6 IBM InfoSphere DataStage Flow Designer is vulnerable to cross-site request forgery which could…
medium4.3CVSS 3.1
AVNACLPRNUIRSUCNILAN
IBM InfoSphere Information Server 11.7.0.0 through 11.7.1.6 IBM InfoSphere DataStage Flow Designer is vulnerable to cross-site request forgery which could allow an attacker to execute malicious and unauthorized actions transmitted from a user that the website trusts.
Affected
3 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| ibm | infosphere_information_server | 11.7.0.0 – 11.7.1.6 | — |
| msrc | azl3_qemu_8.2.0-16_on_azure_linux_3.0 | — | — |
| msrc | cbl2_qemu_6.2.0-24_on_cbl_mariner_2.0 | — | — |