- Description
- IBM InfoSphere Information Server 8.1, 8.5, and 8,7 could allow a remote authenticated attacker to obtain sensitive information, caused by improper restrictions on directories. An attacker could exploit this vulnerability via the DataStage application to load or import content functionality to view arbitrary files on the system.
- Source
- psirt@us.ibm.com
- NVD status
- Analyzed
CVSS 3.1
- Type
- Primary
- Base score
- 6.5
- Impact score
- 3.6
- Exploitability score
- 2.8
- Vector string
- CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
- Severity
- MEDIUM
- Hype score
- Not currently trending
[
{
"nodes": [
{
"negate": false,
"cpeMatch": [
{
"criteria": "cpe:2.3:a:ibm:infosphere_information_server:8.1:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "317FAE67-76E2-4084-9393-8A02D255BAF5"
},
{
"criteria": "cpe:2.3:a:ibm:infosphere_information_server:8.5:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "CA7096B4-291F-49BB-8DBC-E67AC901CF08"
},
{
"criteria": "cpe:2.3:a:ibm:infosphere_information_server:8.7:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "42A9CF5C-79EC-4BBF-92AF-2AB3DC125684"
}
],
"operator": "OR"
}
]
}
]