Lucene search

K
cveIbmCVE-2012-4816
HistoryDec 26, 2012 - 6:55 p.m.

CVE-2012-4816

2012-12-2618:55:01
CWE-264
ibm
web.nvd.nist.gov
29
ibm
rational automation framework
raf
cve-2012-4816
nvd
security
vulnerability

CVSS2

7.5

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:P/I:P/A:P

AI Score

6.7

Confidence

Low

EPSS

0.005

Percentile

75.2%

IBM Rational Automation Framework (RAF) 3.x through 3.0.0.5 allows remote attackers to bypass intended Env Gen Wizard (aka Environment Generation Wizard) access restrictions by visiting context roots in HTTP sessions on port 8080.

Affected configurations

Nvd
Node
ibmrational_automation_frameworkMatch3.0
OR
ibmrational_automation_frameworkMatch3.0.0.1
OR
ibmrational_automation_frameworkMatch3.0.0.2
OR
ibmrational_automation_frameworkMatch3.0.0.3
OR
ibmrational_automation_frameworkMatch3.0.0.4
OR
ibmrational_automation_frameworkMatch3.0.0.5
VendorProductVersionCPE
ibmrational_automation_framework3.0cpe:2.3:a:ibm:rational_automation_framework:3.0:*:*:*:*:*:*:*
ibmrational_automation_framework3.0.0.1cpe:2.3:a:ibm:rational_automation_framework:3.0.0.1:*:*:*:*:*:*:*
ibmrational_automation_framework3.0.0.2cpe:2.3:a:ibm:rational_automation_framework:3.0.0.2:*:*:*:*:*:*:*
ibmrational_automation_framework3.0.0.3cpe:2.3:a:ibm:rational_automation_framework:3.0.0.3:*:*:*:*:*:*:*
ibmrational_automation_framework3.0.0.4cpe:2.3:a:ibm:rational_automation_framework:3.0.0.4:*:*:*:*:*:*:*
ibmrational_automation_framework3.0.0.5cpe:2.3:a:ibm:rational_automation_framework:3.0.0.5:*:*:*:*:*:*:*

CVSS2

7.5

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:P/I:P/A:P

AI Score

6.7

Confidence

Low

EPSS

0.005

Percentile

75.2%

Related for CVE-2012-4816