PT-2026-28114 · Ibm · Ibm Infosphere Information Server+1
Published
2026-03-25
·
Updated
2026-03-25
·
CVE-2025-36422
CVSS v3.1
4.3
Medium
| Vector | AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N |
Name of the Vulnerable Software and Affected Versions
IBM InfoSphere Information Server versions 11.7.0.0 through 11.7.1.6
Description
IBM InfoSphere DataStage Flow Designer is susceptible to cross-site request forgery. This could allow an attacker to perform unauthorized actions using the privileges of a trusted user. The issue involves malicious requests being transmitted to the website.
Recommendations
IBM InfoSphere Information Server versions prior to 11.7.0.0 and after 11.7.1.6 should be used.
Fix
CSRF
Found an issue in the description? Have something to add? Feel free to write us 👾
Weakness Enumeration
Related Identifiers
Affected Products
Ibm Infosphere Datastage
Ibm Infosphere Information Server