CNNVD-202506-3336 Information
CNNVD ID
CNNVD-202506-3336
Related CVE
- CNNVD Published: 2025-06-26
Description (Chinese)
IBM InfoSphere DataStage Flow Designer是美国国际商业机器(IBM)公司的一个基于 Web 的数据阶段流程设计器。 IBM InfoSphere DataStage Flow Designer存在安全漏洞,该漏洞源于API请求中敏感信息明文传输,可能导致中间人攻击。
Description (English)
IBM InfoSphere DataStage Flow Designer is a Web-based data phase process designer for the United States International Business Machine (IBM). IBM InfoSphere DataStage Flow Designer has a security loophole, which stems from the explicit transmission of sensitive information in the API request and may lead to an attack by an intermediary.
Hazard Level
High
Vulnerability Type
其他
Affected Vendor
国际商业机器
Published
2025-06-26
Last Modified
2026-02-24
References
https://www.ibm.com/support/pages/node/7237604 https://vigilance.fr/vulnerability/IBM-InfoSphere-DataStage-Flow-Designer-information-disclosure-via-API-Requests-47550
Patch
https://www.ibm.com/support/pages/node/7237604
Share on: