CNNVD-202509-4326 Information

Sep 29, 2025 cve

CNNVD ID

CNNVD-202509-4326

CVE-2025-36245

  • CNNVD Published: 2025-09-29

Description (Chinese)

IBM InfoSphere Information Server是美国国际商业机器(IBM)公司的一套数据整合平台。该平台可用于整合各种渠道获取的数据信息。 IBM InfoSphere Information Server 11.7.0.0版本至11.7.1.6版本存在操作系统命令注入漏洞,该漏洞源于未正确验证用户输入,可能导致执行特权任意命令。

Description (English)

IBM InfoSphere Information Server is a data integration platform for the United States International Business Machine (IBM). The platform could be used to integrate data information obtained from various sources. The IBM InfoSphere Information Server 11.7.0.0 to 11.7.1.6 contains a loophole in the operating system commands, which originates from incorrect authentication of user input and may result in the execution of arbitrary orders of privilege.

Hazard Level

Medium

Vulnerability Type

操作系统命令注入

Affected Vendor

国际商业机器

Published

2025-09-29

Last Modified

2026-02-24

References

https://www.ibm.com/support/pages/node/7246170

Patch

https://www.ibm.com/support/pages/node/7246170

Share on: