Server-Side Request Forgery Vulnerability in IBM InfoSphere Information Server
CVE-2025-14912

5.4MEDIUM

Key Information:

Vendor: IBM
Status: Infosphere Information Server
Vendor: CVE Published:; 25 March 2026

What is CVE-2025-14912?

The IBM InfoSphere Information Server, specifically versions 11.7.0.0 through 11.7.1.6, is susceptible to a server-side request forgery vulnerability. This issue enables authenticated attackers to manipulate the server to send unauthorized requests, which could lead to sensitive information disclosure and facilitate additional network attacks. Remediation is crucial to prevent potential exploitation. Detailed guidance and patches are available through IBM's official advisory.

Affected Version(s)

InfoSphere Information Server 11.7.0.0 <= 11.7.1.6

References

https://www.ibm.com/support/pages/node/7266698

vendor-advisorypatch

CVSS V3.1

Score:

5.4

Severity:

MEDIUM

Confidentiality:

Low

Integrity:

Low

Availability:

Low

Attack Vector:

Network

Attack Complexity:

Low

Privileges Required:

Low

User Interaction:

None

Scope:

Unchanged

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
Mar 25, 2026
Vulnerability Reserved
Dec 18, 2025

CVE-2025-14912 Data

JSON