CVE-2024-35119

Name of the Vulnerable Software and Affected Versions: IBM InfoSphere Information Server version 11.7

Description: The issue is related to a potential information leak in error messages. It may allow a remote attacker to obtain sensitive information when a detailed technical error message is returned in a stack trace. This information could be used in further attacks against the system.

Recommendations: For IBM InfoSphere Information Server version 11.7, consider restricting access to detailed technical error messages to minimize the risk of exploitation. As a temporary workaround, consider disabling the feature that returns detailed technical error messages in stack traces until a patch is available. At the moment, there is no information about a newer version that contains a fix for this vulnerability.