CVE-2016-8982

MEDIUM

IBM InfoSphere Information Server - Info Disclosure

Title source: llm

Description

IBM InfoSphere Information Server stores sensitive information in URL parameters. This may lead to information disclosure if unauthorized parties have access to the URLs via server logs, referrer header or browser history.

References (3)

[Patch, Vendor Advisory] http://www.ibm.com/support/docview.wss?uid=swg21995895

[Third Party Advisory, VDB Entry] http://www.securityfocus.com/bid/95651

[Third Party Advisory, VDB Entry] http://www.securitytracker.com/id/1037616

Scores

CVSS v3 5.3

EPSS 0.0022

EPSS Percentile 44.5%

Attack Vector NETWORK

CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N

Classification

CWE

CWE-200

Status published

Affected Products (7)

ibm/infosphere_datastage

IBM Corporation/InfoSphere DataStage < 8.5

IBM Corporation/InfoSphere DataStage < 9.1

IBM Corporation/InfoSphere DataStage < 11.3

IBM Corporation/InfoSphere DataStage < 8.7

Timeline

Published Feb 01, 2017

Tracked Since Feb 18, 2026