Changeflow GovPing Data Privacy & Cybersecurity IBM InfoSphere Server Vulnerabilities Allow Rem...
Urgent Notice Added Final

IBM InfoSphere Server Vulnerabilities Allow Remote Attacks

Favicon for wid.cert-bund.de CERT-Bund Security Advisories
Published
Detected
Email

Summary

CERT-Bund has issued a security advisory for IBM InfoSphere Information Server, detailing multiple vulnerabilities with a critical CVSS Base Score of 9.1. These vulnerabilities can be exploited by remote attackers to bypass security measures, cause denial of service, and manipulate data.

View original document View source feed page

What changed

CERT-Bund has released Security Advisory WID-SEC-2026-0851 concerning critical vulnerabilities in IBM InfoSphere Information Server versions 11.7.0.0 through 11.7.1.6. The advisory highlights a CVSS Base Score of 9.1, indicating a severe risk. Exploitation by remote, anonymous attackers can lead to security bypass, denial of service, cross-site scripting, CSRF attacks, information disclosure, and data manipulation across Linux, UNIX, and Windows operating systems.

Organizations utilizing affected versions of IBM InfoSphere Information Server must urgently review and apply available mitigations to address these critical vulnerabilities. Failure to do so could result in significant security breaches, data integrity issues, and service disruptions. The advisory provides links for further information and potential patches or workarounds.

What to do next

  1. Review IBM InfoSphere Information Server version 11.7.0.0-11.7.1.6 for applicability.
  2. Apply available mitigations or patches to address identified vulnerabilities.
  3. Monitor vendor advisories for further updates and remediation steps.

Archived snapshot

Mar 25, 2026

GovPing captured this document from the original source. If the source has since changed or been removed, this is the text as it existed at that time.

[WID-SEC-2026-0851] IBM InfoSphere Information Server: Mehrere Schwachstellen CVSS Base Score 9.1 (kritisch) CVSS Temporal Score 7.9 (hoch) Remoteangriff ja Datum 24.03.2026 Stand 25.03.2026 Mitigation ja

Betroffene Systeme

Betriebssystem

  • Linux
  • UNIX
  • Windows

Produktbeschreibung

IBM InfoSphere Information Server ist eine Softwareplattform zur Integration heterogener Daten.

Produkte

24.03.2026
- IBM InfoSphere Information Server 11.7.0.0-11.7.1.6

Angriff

Angriff

Ein entfernter, anonymer Angreifer kann mehrere Schwachstellen in IBM InfoSphere Information Server ausnutzen, um Sicherheitsmaßnahmen zu umgehen, einen Denial of Service zu verursachen, einen Cross Site Scripting und CSRF Angriff durchzuführen, Informationen offenzulegen und Daten zu manipulieren. CVE Informationen Versionshistorie Feedback zum Advisory geben

Related changes

Favicon for wid.cert-bund.de OpenBao Vulnerabilities Allow Security Bypass and XSS Attacks
Priority review Mar 26, 2026 CERT-Bund Security Advisories Data Privacy & Cybersecurity
Favicon for wid.cert-bund.de IBM InfoSphere Information Server Vulnerability Allows Security Bypass
Priority review Mar 26, 2026 CERT-Bund Security Advisories Data Privacy & Cybersecurity
Favicon for wid.cert-bund.de FreeRDP Vulnerabilities Allow Remote Code Execution, DoS
Priority review Mar 26, 2026 CERT-Bund Security Advisories Data Privacy & Cybersecurity

Get daily alerts for CERT-Bund Security Advisories

Daily digest delivered to your inbox.

Free. Unsubscribe anytime.

Source

Favicon for wid.cert-bund.de
CERT-Bund Security Advisories wid.cert-bund.de/content/public/securityAdvisory/rss
Data Privacy & Cybersecurity

About this page

What is GovPing?

Every important government, regulator, and court update from around the world. One place. Real-time. Free. Our mission

What's from the agency?

Source document text, dates, docket IDs, and authority are extracted directly from CERT-Bund.

What's AI-generated?

The plain-English summary, classification, and "what to do next" steps are AI-generated from the original text. Cite the source document, not the AI analysis.

Last updated

Press inquiries →

Classification

Agency
CERT-Bund
Published
March 24th, 2026
Instrument
Notice
Legal weight
Non-binding
Stage
Final
Change scope
Substantive
Document ID
WID-SEC-2026-0851

Who this affects

Applies to
Manufacturers
Industry sector
3254 Pharmaceutical Manufacturing
Activity scope
Vulnerability Management Data Integration
Geographic scope
Germany DE

Taxonomy

Primary area
Cybersecurity
Operational domain
IT Security
Compliance frameworks
NIST CSF
Topics
Data Security Vulnerability Management

Browse Categories

Agriculture & Food Safety 63 AI Regulation 3 Banking & Finance 292 Consumer Protection 44 Courts & Legal 360 Data Privacy & Cybersecurity 74 Defense & National Security 52 Education 20 Energy 101 Environment 85 Environmental Permits 1 Environmental Regulation 8 Government & Legislation 278 Healthcare 136 Housing 16 Immigration 9 Insurance 58 Labor & Employment 113 Legal 1 Legislative 1 Pharma & Drug Safety 104 Public Health 3 Securities & Markets 104 Securities Regulation 9 Tax 66 Telecom & Technology 47 Trade & Sanctions 124 Transportation 57

Get alerts for this source

We'll email you when CERT-Bund Security Advisories publishes new changes.

Optional. Personalizes your daily digest.

Free. Unsubscribe anytime.