CNVD-2024-37062 — Vulnetix

CNVD-2024-37062 PUBLISHED CVSS 5.400000095367432 MEDIUM

IBM InfoSphere Information Server是美国国际商业机器（IBM）公司的一套数据整合平台。该平台可用于整合各种渠道获取的数据信息。 IBM InfoSphere Information Server存在跨站脚本漏洞，攻击者可利用该漏洞在Web UI中嵌入任意JavaScript代码，导致可信会话中的凭据泄露。

Risk Scores

CVSS 3.1

5.400000095367432

CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N

Affected Products

Vendor	Product	Versions
IBM	InfoSphere Information Server	11.7

Exploit Intelligence

https://www.ibm.com/support/pages/node/7159060 (circl)
https://exchange.xforce.ibmcloud.com/vulnerabilities/276102 (circl)

Timeline

Jun 30, 2024 CVE Published
Jul 2, 2024 CVE ID Reserved

References

https://www.ibm.com/support/pages/node/7159060 vendor-advisory
https://exchange.xforce.ibmcloud.com/vulnerabilities/276102 vdb

Open in Interactive Console →