CVE-2021-29738

Name of the Vulnerable Software and Affected Versions IBM InfoSphere Data Flow Designer (IBM InfoSphere Information Server 11.7)

Description The issue is related to server-side request forgery (SSRF), which may allow an authenticated attacker to send unauthorized requests from the system. This could potentially lead to network enumeration or facilitate other attacks.

Recommendations For IBM InfoSphere Data Flow Designer (IBM InfoSphere Information Server 11.7), consider restricting access to sensitive network resources to minimize the risk of exploitation. As a temporary workaround, review and limit the use of any functionality that may be leveraged for sending unauthorized requests. At the moment, there is no information about a newer version that contains a fix for this vulnerability.