CVE-2012-3317
Published Dec 5, 2012
Last updated 7 years ago
Overview
- Description
- IBM WebSphere Message Broker 6.1 before 6.1.0.11, 7.0 before 7.0.0.5, and 8.0 before 8.0.0.2 has incorrect ownership of certain uninstaller Java Runtime Environment (JRE) files, which might allow local users to gain privileges by leveraging access to uid 501 or gid 300.
- Source
- psirt@us.ibm.com
- NVD status
- Modified
Risk scores
CVSS 2.0
- Type
- Primary
- Base score
- 6.9
- Impact score
- 10
- Exploitability score
- 3.4
- Vector string
- AV:L/AC:M/Au:N/C:C/I:C/A:C
Weaknesses
- nvd@nist.gov
- CWE-264
Social media
- Hype score
- Not currently trending
Configurations
[
{
"nodes": [
{
"negate": false,
"cpeMatch": [
{
"criteria": "cpe:2.3:a:ibm:websphere_message_broker:6.1:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "69C3EE89-7F3F-4578-9EC8-7E03621D0273"
},
{
"criteria": "cpe:2.3:a:ibm:websphere_message_broker:6.1.0.1:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "D74569CA-0038-4E8F-82DA-2B1938E3F67D"
},
{
"criteria": "cpe:2.3:a:ibm:websphere_message_broker:6.1.0.2:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "59D58AC0-EA2F-4DC4-82C9-C534497EFBD4"
},
{
"criteria": "cpe:2.3:a:ibm:websphere_message_broker:6.1.0.3:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "95F2360D-24D4-42C2-A0DA-0EC60827E1F1"
},
{
"criteria": "cpe:2.3:a:ibm:websphere_message_broker:6.1.0.4:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "CE8A9C81-A697-4FD3-8B1D-3C7CFE8D7316"
},
{
"criteria": "cpe:2.3:a:ibm:websphere_message_broker:6.1.0.5:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "9B1FE3CA-0AE3-44D0-A09D-38731BE07E78"
},
{
"criteria": "cpe:2.3:a:ibm:websphere_message_broker:6.1.0.6:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "66F5CA02-9FAA-4E4F-85AD-159C6634979F"
},
{
"criteria": "cpe:2.3:a:ibm:websphere_message_broker:6.1.0.7:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "10C438DC-71DA-4A64-AE9E-B55B0FAFE7D9"
},
{
"criteria": "cpe:2.3:a:ibm:websphere_message_broker:6.1.0.8:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "5D7EE1CD-4ED8-45B4-892D-E4A7A96EF131"
},
{
"criteria": "cpe:2.3:a:ibm:websphere_message_broker:6.1.0.9:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "533721B3-7F21-4552-BDD1-A871CE5321DE"
},
{
"criteria": "cpe:2.3:a:ibm:websphere_message_broker:6.1.0.10:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "B9A05E66-96E8-49C9-B0AA-192090DF3618"
}
],
"operator": "OR"
}
]
},
{
"nodes": [
{
"negate": false,
"cpeMatch": [
{
"criteria": "cpe:2.3:a:ibm:websphere_message_broker:7.0.:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "240F8B7E-D5F2-4450-97D2-45A4E427170D"
},
{
"criteria": "cpe:2.3:a:ibm:websphere_message_broker:7.0.0.1:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "F76DCB43-6AFF-4C58-B646-423A6CECCA14"
},
{
"criteria": "cpe:2.3:a:ibm:websphere_message_broker:7.0.0.2:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "1BC76D23-2211-40D8-8115-382BD7BA6ABD"
},
{
"criteria": "cpe:2.3:a:ibm:websphere_message_broker:7.0.0.3:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "BD879AA3-9887-4C8F-BEDB-50A39D193C4C"
},
{
"criteria": "cpe:2.3:a:ibm:websphere_message_broker:7.0.0.4:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "BA01CDC5-5725-460F-9DAD-B7F8094FAA69"
}
],
"operator": "OR"
}
]
},
{
"nodes": [
{
"negate": false,
"cpeMatch": [
{
"criteria": "cpe:2.3:a:ibm:websphere_message_broker:8.0:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "0F93BF57-FD4F-456C-8DFD-CEF8B5AEF35D"
},
{
"criteria": "cpe:2.3:a:ibm:websphere_message_broker:8.0.0.1:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "B859DAA9-1B0E-47CE-813D-108776C3B239"
}
],
"operator": "OR"
}
]
}
]