Ibm Infosphere Information Governance Catalog vulnerabilities

6 known vulnerabilities affecting ibm/infosphere_information_governance_catalog.

Total CVEs

6

CISA KEV

0

Public exploits

0

Exploited in wild

0

Severity breakdown

MEDIUM6

Vulnerabilities

Page 1 of 1

CVE-2019-4237MEDIUMCVSS 5.4v11.3v11.5+1 more2019-07-01

CVE-2019-4237 [MEDIUM] CWE-79 CVE-2019-4237: A Cross-Frame Scripting vulnerability in IBM InfoSphere Information Server 11.3, 11.5, and 11.7 can A Cross-Frame Scripting vulnerability in IBM InfoSphere Information Server 11.3, 11.5, and 11.7 can allow an attacker to load the vulnerable application inside an HTML iframe tag on a malicious page. IBM X-Force ID: 159419.

CVE-2019-4257MEDIUMCVSS 4.3v11.5v11.72019-06-06

CVE-2019-4257 [MEDIUM] CWE-209 CVE-2019-4257: IBM InfoSphere Information Server 11.5 and 11.7 is affected by an information disclosure vulnerabili IBM InfoSphere Information Server 11.5 and 11.7 is affected by an information disclosure vulnerability. Sensitive information in an error message may be used to conduct further attacks against the system. IBM X-Force ID: 159945.

CVE-2018-1875MEDIUMCVSS 6.1v11.3v11.5+1 more2019-03-05

CVE-2018-1875 [HIGH] CWE-601 CVE-2018-1875: IBM InfoSphere Information Governance Catalog 11.3, 11.5, and 11.7 could allow a remote attacker to IBM InfoSphere Information Governance Catalog 11.3, 11.5, and 11.7 could allow a remote attacker to conduct phishing attacks, using an open redirect attack. By persuading a victim to visit a specially-crafted Web site, a remote attacker could exploit this vulnerability to spoof the URL displayed to redirect a user to a malicious Web site that would appea

CVE-2018-1899MEDIUMCVSS 4.3v11.3v11.5+1 more2019-03-05

CVE-2018-1899 [MEDIUM] CVE-2018-1899: IBM InfoSphere Information Server 11.3, 11.5, and 11.7 could allow an attacker to change one of the IBM InfoSphere Information Server 11.3, 11.5, and 11.7 could allow an attacker to change one of the settings related to InfoSphere Business Glossary Anywhere due to improper access control. IBM X-Force ID: 152528.

CVE-2018-1895MEDIUMCVSS 5.4v11.3v11.5+1 more2019-02-15

CVE-2018-1895 [MEDIUM] CWE-79 CVE-2018-1895: IBM InfoSphere Information Server 11.3, 11.5, and 11.7 is vulnerable to cross-site scripting. This v IBM InfoSphere Information Server 11.3, 11.5, and 11.7 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: 152159.

CVE-2016-0280MEDIUMCVSS 5.4v11.3v11.52016-08-08

CVE-2016-0280 [MEDIUM] CWE-79 CVE-2016-0280: Cross-site scripting (XSS) vulnerability in IBM Information Server Framework 8.5, Information Server Cross-site scripting (XSS) vulnerability in IBM Information Server Framework 8.5, Information Server Framework and InfoSphere Information Server Business Glossary 8.7 before FP2, Information Server Framework and InfoSphere Information Server Business Glossary 9.1 before 9.1.2.0, Information Server Framework and InfoSphere Information Governance Catalog