Severity by source
AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:N
Primary rating from NVD · only source for this CVE.
CVSS VectorNVD
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:N
Lifecycle Timeline
4DescriptionCVE.org
IBM InfoSphere Information Server 11.7.0.0 through 11.7.1.6 is vulnerable to server-side request forgery (SSRF). This may allow an authenticated attacker to send unauthorized requests from the system, potentially leading to network enumeration or facilitating other attacks.
AnalysisAI
IBM InfoSphere Information Server versions 11.7.0.0 through 11.7.1.6 contain a server-side request forgery (SSRF) vulnerability that allows authenticated attackers to send unauthorized requests from the affected system. This could enable network enumeration, lateral movement, or facilitate secondary attacks against internal systems. The vulnerability requires valid authentication credentials but presents moderate risk with a CVSS score of 5.4 and has an available patch from IBM.
Technical ContextAI
The vulnerability is classified as CWE-918 (Server-Side Request Forgery), which occurs when an application accepts user-controlled input to construct requests sent by the server without proper validation. In IBM InfoSphere Information Server (cpe:2.3:a:ibm:infosphere_information_server), the SSRF flaw likely exists in web service handlers or data integration components that process URLs or external service references. InfoSphere Information Server is an enterprise data integration and governance platform that manages data flows and metadata across distributed systems, making SSRF particularly dangerous as it could pivot from the application server to reach internal databases, APIs, or administrative interfaces not directly exposed to the attacker.
RemediationAI
Apply the security patch provided by IBM at https://www.ibm.com/support/pages/node/7266740, which addresses the SSRF vulnerability in affected versions. Users should upgrade to a patched version of InfoSphere Information Server 11.7.1.7 or later, or migrate to a supported release if available. As an interim control, network access should be restricted to prevent the InfoSphere server from reaching sensitive internal systems—implement egress filtering rules that limit outbound connections to only necessary services and implement IP allowlisting for service-to-service communication. Additionally, audit logs should be monitored for unusual outbound connection attempts or unexpected requests from InfoSphere processes.
Same weakness CWE-918 – Server-Side Request Forgery (SSRF)
View allShare
External POC / Exploit Code
Leaving vuln.today
EUVD-2026-15978
GHSA-xfqr-cg7j-569j