CVE-2015-5021

Name of the Vulnerable Software and Affected Versions IBM InfoSphere Information Server versions 11.3 through 11.5

Description The issue is related to insufficient access control to certain functions, allowing remote authenticated users to bypass intended job-execution restrictions or obtain sensitive information. This can enable an attacker to circumvent existing access restrictions and gain access to protected information.

Recommendations For IBM InfoSphere Information Server versions 11.3 through 11.5, consider restricting access to sensitive functions and data to minimize the risk of exploitation until a fix is available. As a temporary workaround, limit the privileges of remote authenticated DataStage users to prevent them from bypassing job-execution restrictions. At the moment, there is no information about a newer version that contains a fix for this vulnerability.