Lucene search

IbmCVE-2012-0204

HistoryJan 31, 2013 - 12:06 p.m.

CVE-2012-0204

2013-01-3112:06:17

ibm

web.nvd.nist.gov

cve-2012-0204

infosphere

untrusted search path vulnerability

import export manager

ibm

nvd

CVSS2

9.3

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:M/Au:N/C:C/I:C/A:C

AI Score

6.5

Confidence

Low

EPSS

0.001

Percentile

29.4%

JSON

Untrusted search path vulnerability in InfoSphere Import Export Manager 8.1 through 9.1 in InfoSphere Information Server MetaBrokers & Bridges (MBB) in IBM InfoSphere Information Server 8.1, 8.5 before FP3, 8.7, and 9.1 allows local users to gain privileges via a Trojan horse DLL in the current working directory.

Affected configurations

Nvd

Node

ibminfosphere_import_export_managerMatch8.1

ibminfosphere_import_export_managerMatch8.1.1

ibminfosphere_import_export_managerMatch8.1.2

ibminfosphere_import_export_managerMatch8.5

ibminfosphere_import_export_managerMatch8.7

ibminfosphere_import_export_managerMatch9.1

ibminfosphere_information_serverMatch8.1

ibminfosphere_information_serverMatch8.5

ibminfosphere_information_serverMatch8.5.0.1

ibminfosphere_information_serverMatch8.5.0.2

ibminfosphere_information_serverMatch8.7

ibminfosphere_information_serverMatch9.1

ibminfosphere_information_server_metabrokers_\&_bridgesMatch-

VendorProductVersionCPE
ibminfosphere_import_export_manager8.1cpe:2.3:a:ibm:infosphere_import_export_manager:8.1:*:*:*:*:*:*:*
ibminfosphere_import_export_manager8.1.1cpe:2.3:a:ibm:infosphere_import_export_manager:8.1.1:*:*:*:*:*:*:*
ibminfosphere_import_export_manager8.1.2cpe:2.3:a:ibm:infosphere_import_export_manager:8.1.2:*:*:*:*:*:*:*
ibminfosphere_import_export_manager8.5cpe:2.3:a:ibm:infosphere_import_export_manager:8.5:*:*:*:*:*:*:*
ibminfosphere_import_export_manager8.7cpe:2.3:a:ibm:infosphere_import_export_manager:8.7:*:*:*:*:*:*:*
ibminfosphere_import_export_manager9.1cpe:2.3:a:ibm:infosphere_import_export_manager:9.1:*:*:*:*:*:*:*
ibminfosphere_information_server8.1cpe:2.3:a:ibm:infosphere_information_server:8.1:*:*:*:*:*:*:*
ibminfosphere_information_server8.5cpe:2.3:a:ibm:infosphere_information_server:8.5:*:*:*:*:*:*:*
ibminfosphere_information_server8.5.0.1cpe:2.3:a:ibm:infosphere_information_server:8.5.0.1:*:*:*:*:*:*:*
ibminfosphere_information_server8.5.0.2cpe:2.3:a:ibm:infosphere_information_server:8.5.0.2:*:*:*:*:*:*:*

Vendor	Product	Version	CPE
ibm	infosphere_import_export_manager	8.1	cpe:2.3:a:ibm:infosphere_import_export_manager:8.1:::::::*
ibm	infosphere_import_export_manager	8.1.1	cpe:2.3:a:ibm:infosphere_import_export_manager:8.1.1:::::::*
ibm	infosphere_import_export_manager	8.1.2	cpe:2.3:a:ibm:infosphere_import_export_manager:8.1.2:::::::*
ibm	infosphere_import_export_manager	8.5	cpe:2.3:a:ibm:infosphere_import_export_manager:8.5:::::::*
ibm	infosphere_import_export_manager	8.7	cpe:2.3:a:ibm:infosphere_import_export_manager:8.7:::::::*
ibm	infosphere_import_export_manager	9.1	cpe:2.3:a:ibm:infosphere_import_export_manager:9.1:::::::*
ibm	infosphere_information_server	8.1	cpe:2.3:a:ibm:infosphere_information_server:8.1:::::::*
ibm	infosphere_information_server	8.5	cpe:2.3:a:ibm:infosphere_information_server:8.5:::::::*
ibm	infosphere_information_server	8.5.0.1	cpe:2.3:a:ibm:infosphere_information_server:8.5.0.1:::::::*
ibm	infosphere_information_server	8.5.0.2	cpe:2.3:a:ibm:infosphere_information_server:8.5.0.2:::::::*

Rows per page:

1-10 of 131

References

www-01.ibm.com/support/docview.wss?uid=swg21623501

exchange.xforce.ibmcloud.com/vulnerabilities/73255

CVSS2

9.3

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:M/Au:N/C:C/I:C/A:C

AI Score

6.5

Confidence

Low

EPSS

0.001

Percentile

29.4%

JSON

Related for CVE-2012-0204