Information Disclosure Vulnerability in IBM InfoSphere Information Server
CVE-2024-55895

2.7LOW

Key Information:

Vendor: IBM
Status: Infosphere Information Server
Vendor: CVE Published:; 29 March 2025

Summary

IBM InfoSphere Information Server 11.7 is susceptible to information disclosure that could enable an attacker to gain access to sensitive data. This occurs when a technical error message is returned in the browser, potentially revealing critical system information that can be exploited for further attacks. Organizations using this product should review their configurations and implement security measures to mitigate the risks associated with this vulnerability.

Affected Version(s)

InfoSphere Information Server 11.7

References

https://www.ibm.com/support/pages/node/7185450

vendor-advisory

CVSS V3.1

Score:

2.7

Severity:

LOW

Confidentiality:

Low

Integrity:

None

Availability:

Low

Attack Vector:

Network

Attack Complexity:

Low

Privileges Required:

High

User Interaction:

None

Scope:

Unchanged

Timeline

Vulnerability published
Mar 29, 2025
Vulnerability Reserved
Dec 12, 2024