Sensitive Information Exposure in IBM InfoSphere Information Server DataStage Flow Designer
CVE-2025-25046

3.7LOW

Key Information:

Vendor
IBM
Vendor
CVE Published:
23 April 2025

Summary

The IBM InfoSphere Information Server 11.7 DataStage Flow Designer is vulnerable to an information exposure issue. This vulnerability allows sensitive information to be transmitted through URL or query parameters. If exploited, unauthorized actors could intercept this data using man-in-the-middle techniques, leading to potential data breaches and other security risks. Users are advised to review their configurations and implement necessary security measures to mitigate this risk.

Affected Version(s)

InfoSphere Information Server 11.7

References

CVSS V3.1

Score:
3.7
Severity:
LOW
Confidentiality:
Low
Integrity:
None
Availability:
Low
Attack Vector:
Network
Attack Complexity:
High
Privileges Required:
None
User Interaction:
None
Scope:
Unchanged

Timeline

  • Vulnerability published

  • Vulnerability Reserved

.