CNNVD-202511-062 Information
CNNVD ID
CNNVD-202511-062
Related CVE
- CNNVD Published: 2025-11-03
Description (Chinese)
IBM InfoSphere Information Server是美国国际商业机器(IBM)公司的一套数据整合平台。该平台可用于整合各种渠道获取的数据信息。 IBM InfoSphere Information Server 11.7.0.0版本至11.7.1.6版本存在代码问题漏洞,该漏洞源于处理XML数据时存在XML外部实体注入,可能导致敏感信息泄露或内存资源消耗。
Description (English)
IBM InfoSphere Information Server is a data integration platform for the United States International Business Machine (IBM). The platform could be used to integrate data information obtained from various sources. The IBM InfoSphere Information Server 11.7.0.0 to 11.7.1.6 has a code gap, which arises from the presence of XML external entities in the processing of XML data, which may lead to the leakage of sensitive information or the depletion of memory resources.
Hazard Level
Medium
Vulnerability Type
代码问题
Affected Vendor
国际商业机器
Published
2025-11-03
Last Modified
2026-02-24
References
https://www.ibm.com/support/pages/node/7249881 https://access.redhat.com/security/cve/cve-2025-12531
Patch
https://www.ibm.com/docs/zh/iis/11.7.0
Share on: