CVE-2012-0702
Published Jan 31, 2013
Last updated 7 years ago
Overview
- Description
- Information Services Framework (ISF) in IBM InfoSphere Information Server 8.1, 8.5 before FP3, and 8.7 does not properly determine authorization, which allows remote authenticated users to gain privileges via unspecified vectors.
- Source
- psirt@us.ibm.com
- NVD status
- Modified
Risk scores
CVSS 2.0
- Type
- Primary
- Base score
- 4
- Impact score
- 2.9
- Exploitability score
- 8
- Vector string
- AV:N/AC:L/Au:S/C:P/I:N/A:N
Weaknesses
- nvd@nist.gov
- CWE-287
Social media
- Hype score
- Not currently trending
Evaluator
- Comment
- -
- Impact
- Per: http://xforce.iss.net/xforce/xfdb/73287 "IBM InfoSphere Information Server could allow a remote authenticated attacker to gain elevated privileges due to insecure authentication controls."
- Solution
- Per: http://xforce.iss.net/xforce/xfdb/73287 "IBM InfoSphere Information Server could allow a remote authenticated attacker to gain elevated privileges due to insecure authentication controls."
Configurations
[
{
"nodes": [
{
"negate": false,
"cpeMatch": [
{
"criteria": "cpe:2.3:a:ibm:infosphere_information_server:8.1:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "317FAE67-76E2-4084-9393-8A02D255BAF5"
},
{
"criteria": "cpe:2.3:a:ibm:infosphere_information_server:8.5:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "CA7096B4-291F-49BB-8DBC-E67AC901CF08"
},
{
"criteria": "cpe:2.3:a:ibm:infosphere_information_server:8.5.0.1:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "D547E88D-FE3F-4C90-B7D8-301A1449E9AB"
},
{
"criteria": "cpe:2.3:a:ibm:infosphere_information_server:8.5.0.2:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "5585D2C4-6575-4469-A6EF-CCDC3A0BEDB2"
},
{
"criteria": "cpe:2.3:a:ibm:infosphere_information_server:8.7:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "42A9CF5C-79EC-4BBF-92AF-2AB3DC125684"
},
{
"criteria": "cpe:2.3:a:ibm:infosphere_information_server_information_services_framework:-:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "30D17035-67E7-4489-A3C0-CFC81C0A3835"
}
],
"operator": "OR"
}
]
}
]