Fix Readme
Abstract
IBM InfoSphere Information Server 11.7.1.6 SP2 introduces Known Issue fixes addressed after release 11.7.1.6 SP1 for components of InfoSphere Information Server. Fix Pack 11.7.1.6 SP2 is cumulative and includes fixes released in previous Fix and Services packs of Information Server 11.7.1.
Content
Fixes added in IBM InfoSphere Information Server 11.7.1.6 SP2
Security Issues
| Salesforce Known Issue | Description |
| Information Server is affected by a vulnerability in Connect2id Nimbus JOSE + JWT (CVE-2025-53864) | |
Information Server is affected by a vulnerability in Spring (CVE-2025-41249) | |
Information Server is affected by a vulnerability in Undertow (CVE-2025-9784) | |
Information Server is affected by a vulnerability in Netty codec (CVE-2025-58057) | |
Information Server is affected by a vulnerability in Axios (CVE-2025-58754) | |
Multiple vulnerabilities in IBM WebSphere Application Server Liberty affect Information Server | |
Information Server is affected by an XML external entity injection (XXE) vulnerability (CVE-2025-12531) | |
Information Server is vulnerable to cross-site request forgery (CVE-2025-36422) | |
Information Server is affected by a server-side request forgery (CVE-2025-12832) | |
Information Server is affected by multiple vulnerabilities in the JDBC driver for Apache Hive | |
Multiple vulnerabilities in Progress DataDirect JDBC drivers that are used by Information Server | |
Information Server is affected by multiple vulnerabilities in yawkat LZ4 Java | |
Information Server is vulnerable due to sensitive information written to a log file (CVE-2026-1265) | |
Information Server is affected by multiple vulnerabilities in Werkzeug | |
Information Server is affected by multiple vulnerabilities in urllib3 | |
Information Server is affected by an information disclosure vulnerability (CVE-2026-1262) | |
Information Server is vulnerable to disclosure of sensitive information (CVE-2025-14790) | |
Information Server is vulnerable to server-side request forgery (CVE-2025-14912) | |
Information Server is vulnerable to HTTP header injection (CVE-2025-14807) | |
Information Server is vulnerable due to disclosure of sensitive information (CVE-2025-14808) | |
Information Server is vulnerable due to insufficient session expiration (CVE-2025-14810) | |
Information Server is vulnerable to server-side request forgery (CVE-2026-1015) | |
Information Server is vulnerable due to Insecure Direct Object Reference (CVE-2025-14974) | |
Information Server is affected by a vulnerability in React (CVE-2018-6341) | |
Information Server is affected by a vulnerability in Apache Log4j (CVE-2025-68161) | |
Information Server is affected by multiple vulnerabilities in Apache Tika | |
Information Server is affected by a vulnerability in qs parse modules (CVE-2025-15284) | |
Information Server is affected by multiple vulnerabilities in Undertow | |
Information Server is affected by an XML external entity injection (XXE) vulnerability | |
Information Server is affected by a vulnerability in AssertJ (CVE-2026-24400) | |
Information Server is vulnerable due to plaintext storage of a password (CVE-2025-36258) | |
Information Server is vulnerable to cross-site scripting (CVE-2026-2483) | |
Information Server is vulnerable due to disclosure of sensitive information (CVE-2026-1014) | |
Information Server is vulnerable to stored cross-site scripting (CVE-2026-2485) | |
Information Server is vulnerable due to information exposure (CVE-2026-2484) |
Connectivity IBM/BigData
| Salesforce Known Issue | Description |
DB2 Connector fails to load data into partitioned table, reporting db2GetRowPartNum error with reason code 0, SQLCODE -6,039 | |
DB2 Connector logs redundant warnings when loading data into DB2 for z/OS database | |
Kafka Connector fails with StringIndexOutOfBoundsException after few hours of job execution |
Connectivity Non-IBM
| Salesforce Known Issue | Description |
Oracle connector executing After SQL statement even when the job aborts. | |
Allow using encrypted private key for connection in BigQuery Connector | |
Snowflake Connector gives handleElapsedTimeoutExceeded warning message | |
[Teradata Connector] Cannot convert to framework type for string | |
Add environment variable 'CC_TERA_USE_TTU_CLIENT_CONFIG_SSL' | |
Parquet performs incorrect UTC conversions when writing timestamp data. | |
Salesforce Connector does not save multiple job ids for Bulk V2 Load | |
Salesforce Connector using Bulk V2 aborts with Fatal Error while getting user info | |
Salesforce Connector adds extra quotes for rejected records in the Bulk V2 Mode | |
Output as JSON support for Avro File format while using Avrostream in GenericS3 Connector |
| Salesforce Known Issue | Description |
| DT463347 | DataStage Flow Designer taking more time to load project list for non-admin users |
DataStage DSCore/DSEngine/OpsConsole
| Salesforce Known Issue | Description |
| DT459872 | Designer client project drop-down list causes delay |
| DT453657 | CREATE.FILE and CREATE TABLE fail with Japanese name |
| DT459223 | Connector Import Wizard failed to save table definitions to the repository |
| DT465455 | Password sent in login request payload during basic authentication |
| DT463497 | Improper Input Handling in File Name Field Leading to Limited Command Execution |
| DT463504 | Parameter not resolvable issue in the Datastage job |
Information Analyzer
| Salesforce Known Issue | Description |
| DT459779 | Data Rule fails for zero records in Big Quality Projects |
| DT459784 | Data Rule with Uniqueness check returns incorrect result for Big Quality projects |
| DT459385 | Metric doesnt compute low percentage values |
| DT461874 | IA incorrectly maps columns when first column is empty in a flat file |
| DT462707 | Rule Stage jobs cannot be edited after upgrading to 11716 sp1 |
Was this topic helpful?
Document Information
Modified date:
24 March 2026
UID
ibm17261727