Medium Severity

Security Bulletin: IBM InfoSphere Information Server is vulnerable to SQL Injection (CVE-2022-31768)

Share this post:

A SQL Injection vulnerability in the IBM InfoSphere DataStage Flow Designer was addressed.

CVE(s): CVE-2022-31768

Affected product(s) and affected version(s):

Affected Product(s) Version(s)
InfoSphere Information Server 11.7

Refer to the following reference URLs for remediation and additional vulnerability details:  
Source Bulletin: https://www.ibm.com/support/pages/node/6592573
X-Force Database: https://exchange.xforce.ibmcloud.com/vulnerabilities/227986

More stories

Security Bulletin: Multiple Vulnerabilities in Intel Firmware affect Cloud Pak System

August 13, 2022 | Medium Severity

Vulnerabilities in Intel firmware affect Cloud Pak System. Cloud Pak system nodes using Intel driver firmware recommended update. ...read more


Security Bulletin: A Unspecified Java Vulnerability is affecting Watson Knowledge Catalog for IBM Cloud Pak for Data (CVE-2021-35550)

August 12, 2022 | Medium Severity

An unspecified vulnerability in Java is affecting Watson Knowledge Catalog for IBM Cloud Pak for Data. This vulnerability have been addressed. ...read more


Security Bulletin: CP4D Match 360 is affected by Identity Spoofing vulnerability in IBM WebSphere Application Server Liberty

August 12, 2022 | Medium Severity

IBM WebSphere Application Server Liberty is vulnerable to identity spoofing with the appSecurity-1.0, appSecurity-2.0, appSecurity-3.0 or appSecurity-4.0 feature enabled. This has been addressed. IBM Match 360 v4.5.0 and prior, is also vulnerable given that it uses WebSphere Application Server Liberty. ...read more