IBM InfoSphere Information 11.7 Server does not invalidate session after logout which could allow an authenticated user to impersonate another user on the system.
IBM InfoSphere Information Server 11.7.0.0 through 11.7.1.6 does not invalidate a session after privileges have been modified which could allow an authenticated user to retain access to sensitive info
IBM InfoSphere Information Server 11.7.0.0 through 11.7.1.6
could allow an authenticated user to delete another user's comments due to improper ownership management.
IBM Jazz Reporting Service 7.0.2 and 7.0.3 does not invalidate session after logout which could allow an authenticated privileged user to impersonate another user on the system.
IBM DB2 Recovery Expert for LUW 5.5 Interim Fix 002 does not invalidate session after a timeout which could allow an authenticated user to impersonate another user on the system.
IBM Planning Analytics Local 2.0 and 2.1 does not invalidate session after a logout which could allow an authenticated user to impersonate another user on the system.
IBM InfoSphere Information Server 11.7 could allow an authenticated user to GUI to not load or stop working due to improper input validation.
IBM Transformation Extender Advanced 10.0.1
does not invalidate session after logout which could allow an authenticated user to impersonate another user on the system.
IBM Concert 1.0.0 through 2.1.0 does not invalidate session after logout which could allow an authenticated user to impersonate another user on the system.
IBM InfoSphere Information Server 11.7
could allow an authenticated to obtain sensitive username information due to an observable response discrepancy.
IBM InfoSphere Information Server 11.7.0.0 through 11.7.1.6 could allow a remote attacker to cause a denial of service due to insufficient validation of incoming request resources.
IBM Sterling Connect:Direct Web Services 6.1.0, 6.2.0, and 6.3.0
does not invalidate session after a browser closure which could allow an authenticated user to impersonate another user on the system
IBM InfoSphere Information 11.7 Server authenticated user to obtain sensitive information when a detailed technical error message is returned in a request. This information could be used in further a
IBM InfoSphere Information Server 11.7.0.0 through 11.7.1.6 could allow an attacker to obtain sensitive information due to insufficiently protected credentials.
IBM InfoSphere Information Server 11.7 could allow an authenticated user to obtain sensitive information that is stored locally under certain conditions.
IBM InfoSphere Information Server 11.7.0.0 through 11.7.1.6 is vulnerable due to Insecure Direct Object Reference (IDOR).
IBM InfoSphere Information Server 11.7.0.0 through 11.7.1.6 product stores user credentials and other sensitive information in plain text which can be read by a local user.
IBM Sterling Connect:Express Adapter for Sterling B2B Integrator 5.2.0 5.2.0.00 through 5.2.0.12 does not invalidate session after a logout which could allow an authenticated user to impersonate anoth
IBM InfoSphere Information Server 11.7.0.0 through 11.7.1.6 is vulnerable to HTTP header injection, caused by improper validation of input by the HOST headers. This could allow an attacker to conduct
IBM InfoSphere 11.7.0.0 through 11.7.1.6 Information Server could allow an authenticated user to execute arbitrary commands with elevated privileges on the system due to improper validation of user su
Page 1+ Next →