Lucene search

[email protected]NVD:CVE-2012-3311

HistorySep 25, 2012 - 8:55 p.m.

CVE-2012-3311

2012-09-2520:55:01

CWE-264

[email protected]

web.nvd.nist.gov

3.3 Low

CVSS2

Attack Vector

LOCAL

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

NONE

AV:L/AC:M/Au:N/C:P/I:P/A:N

5.8 Medium

AI Score

Confidence

Low

0.0004 Low

EPSS

Percentile

5.1%

JSON

IBM WebSphere Application Server (WAS) 6.1 before 6.1.0.45, 7.0 before 7.0.0.25, 8.0 before 8.0.0.5, and 8.5 before 8.5.0.1 on z/OS, in certain configurations involving Federated Repositories for IIOP connections and Optimized Local Adapters, does not perform CBIND checks, which allows local users to bypass intended access restrictions, and read or modify application data, via unspecified vectors.

Affected configurations

NVD

Node

ibmz\/osMatch-

AND

ibmwebsphere_application_serverMatch6.1.0

ibmwebsphere_application_serverMatch6.1.0.0

ibmwebsphere_application_serverMatch6.1.0.1

ibmwebsphere_application_serverMatch6.1.0.2

ibmwebsphere_application_serverMatch6.1.0.3

ibmwebsphere_application_serverMatch6.1.0.4

ibmwebsphere_application_serverMatch6.1.0.5

ibmwebsphere_application_serverMatch6.1.0.7

ibmwebsphere_application_serverMatch6.1.0.9

ibmwebsphere_application_serverMatch6.1.0.11

ibmwebsphere_application_serverMatch6.1.0.12

ibmwebsphere_application_serverMatch6.1.0.15

ibmwebsphere_application_serverMatch6.1.0.17

ibmwebsphere_application_serverMatch6.1.0.19

ibmwebsphere_application_serverMatch6.1.0.21

ibmwebsphere_application_serverMatch6.1.0.23

ibmwebsphere_application_serverMatch6.1.0.25

ibmwebsphere_application_serverMatch6.1.0.27

ibmwebsphere_application_serverMatch6.1.0.29

ibmwebsphere_application_serverMatch6.1.0.31

ibmwebsphere_application_serverMatch6.1.0.33

ibmwebsphere_application_serverMatch6.1.0.35

ibmwebsphere_application_serverMatch6.1.0.37

ibmwebsphere_application_serverMatch6.1.0.39

ibmwebsphere_application_serverMatch6.1.0.41

ibmwebsphere_application_serverMatch6.1.0.43

ibmwebsphere_application_serverMatch7.0.0.1

ibmwebsphere_application_serverMatch7.0.0.2

ibmwebsphere_application_serverMatch7.0.0.3

ibmwebsphere_application_serverMatch7.0.0.4

ibmwebsphere_application_serverMatch7.0.0.5

ibmwebsphere_application_serverMatch7.0.0.6

ibmwebsphere_application_serverMatch7.0.0.7

ibmwebsphere_application_serverMatch7.0.0.8

ibmwebsphere_application_serverMatch7.0.0.9

ibmwebsphere_application_serverMatch7.0.0.10

ibmwebsphere_application_serverMatch7.0.0.11

ibmwebsphere_application_serverMatch7.0.0.13

ibmwebsphere_application_serverMatch7.0.0.14

ibmwebsphere_application_serverMatch7.0.0.15

ibmwebsphere_application_serverMatch7.0.0.16

ibmwebsphere_application_serverMatch7.0.0.17

ibmwebsphere_application_serverMatch7.0.0.19

ibmwebsphere_application_serverMatch7.0.0.21

ibmwebsphere_application_serverMatch7.0.0.23

ibmwebsphere_application_serverMatch8.0.0.0

ibmwebsphere_application_serverMatch8.0.0.1

ibmwebsphere_application_serverMatch8.0.0.2

ibmwebsphere_application_serverMatch8.0.0.3

ibmwebsphere_application_serverMatch8.0.0.4

ibmwebsphere_application_serverMatch8.5.0.0

References

www-01.ibm.com/support/docview.wss?uid=swg1PM61388

www.ibm.com/support/docview.wss?uid=swg21611313

www.securityfocus.com/bid/55671

exchange.xforce.ibmcloud.com/vulnerabilities/77697

3.3 Low

CVSS2

Attack Vector

LOCAL

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

NONE

AV:L/AC:M/Au:N/C:P/I:P/A:N

5.8 Medium

AI Score

Confidence

Low

0.0004 Low

EPSS

Percentile

5.1%

JSON

Related for NVD:CVE-2012-3311

seebug1 cve1 cvelist1 prion1 openvas1 ibm4 nessus4