You are here

V-050: IBM InfoSphere Information Server Multiple Vulnerabilities

December 19, 2012 - 1:00am

Addthis

PROBLEM:

IBM InfoSphere Information Server Multiple Vulnerabilities

PLATFORM:

The vulnerabilities are reported in versions prior to 9.1.

ABSTRACT:

Multiple vulnerabilities have been reported in IBM InfoSphere Information Server

REFERENCE LINKS:

Secunia Advisory SA51605
IBM Support home
IBM InfoSphere Information Server, Version 9.1 fix list

IMPACT ASSESSMENT:

Medium

DISCUSSION:

Multiple vulnerabilities have been reported in IBM InfoSphere Information Server, where some have an unknown impact and others can be exploited by malicious users to bypass certain security restrictions.

1) An unspecified error exists in the InfoCenter component.

2) Some unspecified errors exist in the bundled version of Java.

3) Some unspecified errors exist in the Web Console component.

4) An error when performing permission checks to run and view status of jobs can be exploited to gain access to the otherwise restricted project.

IMPACT:

Malicious users can bypass certain security restrictions.

SOLUTION:

Update to version 9.1.

Addthis