IBM InfoSphere Information Server contains a vulnerability that would allow an authenticated user to browse any file on the engine tier, and examine its contents.
CVEID: CVE-2016-5994 DESCRIPTION: IBM InfoSphere Information Server contains a vulnerability that would allow an authenticated user to browse any file on the engine tier, and examine its contents.
CVSS Base Score: 6.8
CVSS Temporal Score: See https://exchange.xforce.ibmcloud.com/vulnerabilities/116652 for the current score
CVSS Environmental Score*: Undefined
CVSS Vector: (CVSS:3.0/AV:A/AC:L/PR:L/UI:N/S:C/C:H/I:N/A:N)
The following product, running on all supported platforms, are affected:
IBM InfoSphere Information Server: versions 11.5
Product
| VRMF|APAR|Remediation/First Fix
—|—|—|—
InfoSphere Information Server| 11.5| --| --Use TechNote to follow configuration steps
See TechNote