PT-2025-26807 · IBM · IBM InfoSphere Information Server

Published: 2025-06-25 · Updated: 2025-06-30 · CVE-2025-0966

CVSS v2.0: 8.0 (High)
Vector: AV:N/AC:L/Au:S/C:C/I:P/A:P
Name of the Vulnerable Software and Affected Versions: IBM InfoSphere Information Server version 11.7
Description: The software is vulnerable to SQL injection. A remote attacker can send specially crafted SQL statements, which could enable the attacker to view, add, modify, or delete information in the back-end database.
Recommendations: For IBM InfoSphere Information Server version 11.7, consider restricting access to the database to minimize the risk of exploitation until a patch is available. As a temporary workaround, limit the use of SQL statements from remote sources to reduce exposure to SQL injection attacks.

Fix

SQL injection

Weakness Enumeration

Related Identifiers

BDU:2025-08061
CVE-2025-0966

Affected Products

IBM InfoSphere Information Server