Lucene search

IbmCVE-2012-0705

HistoryJan 31, 2013 - 12:06 p.m.

CVE-2012-0705

2013-01-3112:06:17

CWE-20

ibm

web.nvd.nist.gov

infosphere

import export manager

ibm

information server

metabrokers & bridges

security vulnerability

nvd

cve-2012-0705

CVSS2

7.1

Attack Vector

NETWORK

Attack Complexity

HIGH

Authentication

SINGLE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:H/Au:S/C:C/I:C/A:C

AI Score

7.2

Confidence

Low

EPSS

0.002

Percentile

53.3%

JSON

InfoSphere Import Export Manager in InfoSphere Information Server MetaBrokers & Bridges (MBB) in IBM InfoSphere Information Server 8.1, 8.5 before FP3, 8.7, and 9.1 does not validate unspecified input data, which allows remote authenticated users to execute arbitrary commands via unknown vectors.

Affected configurations

Nvd

Node

ibminfosphere_information_serverMatch8.1

ibminfosphere_information_serverMatch8.5

ibminfosphere_information_serverMatch8.5.0.1

ibminfosphere_information_serverMatch8.5.0.2

ibminfosphere_information_serverMatch8.7

ibminfosphere_information_serverMatch9.1

ibminfosphere_information_server_metabrokers_\&_bridgesMatch-

VendorProductVersionCPE
ibminfosphere_information_server8.1cpe:2.3:a:ibm:infosphere_information_server:8.1:*:*:*:*:*:*:*
ibminfosphere_information_server8.5cpe:2.3:a:ibm:infosphere_information_server:8.5:*:*:*:*:*:*:*
ibminfosphere_information_server8.5.0.1cpe:2.3:a:ibm:infosphere_information_server:8.5.0.1:*:*:*:*:*:*:*
ibminfosphere_information_server8.5.0.2cpe:2.3:a:ibm:infosphere_information_server:8.5.0.2:*:*:*:*:*:*:*
ibminfosphere_information_server8.7cpe:2.3:a:ibm:infosphere_information_server:8.7:*:*:*:*:*:*:*
ibminfosphere_information_server9.1cpe:2.3:a:ibm:infosphere_information_server:9.1:*:*:*:*:*:*:*
ibminfosphere_information_server_metabrokers_\&_bridges-cpe:2.3:a:ibm:infosphere_information_server_metabrokers_\&_bridges:-:*:*:*:*:*:*:*

Vendor	Product	Version	CPE
ibm	infosphere_information_server	8.1	cpe:2.3:a:ibm:infosphere_information_server:8.1:::::::*
ibm	infosphere_information_server	8.5	cpe:2.3:a:ibm:infosphere_information_server:8.5:::::::*
ibm	infosphere_information_server	8.5.0.1	cpe:2.3:a:ibm:infosphere_information_server:8.5.0.1:::::::*
ibm	infosphere_information_server	8.5.0.2	cpe:2.3:a:ibm:infosphere_information_server:8.5.0.2:::::::*
ibm	infosphere_information_server	8.7	cpe:2.3:a:ibm:infosphere_information_server:8.7:::::::*
ibm	infosphere_information_server	9.1	cpe:2.3:a:ibm:infosphere_information_server:9.1:::::::*
ibm	infosphere_information_server_metabrokers_\&_bridges	-	cpe:2.3:a:ibm:infosphere_information_server_metabrokers_\&_bridges:-:::::::*

References

www-01.ibm.com/support/docview.wss?uid=swg21623501

exchange.xforce.ibmcloud.com/vulnerabilities/73292

CVSS2

7.1

Attack Vector

NETWORK

Attack Complexity

HIGH

Authentication

SINGLE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:H/Au:S/C:C/I:C/A:C

AI Score

7.2

Confidence

Low

EPSS

0.002

Percentile

53.3%

JSON

Related for CVE-2012-0705