Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
ibmIBM231CDD332AADC900F72A89B95AC9C39EF3105159A90F2E23593BEAA9E5E2A95E
HistorySep 25, 2022 - 8:45 p.m.

Security Bulletin: IBM InfoSphere Master Data Management Reference Data Management Hub affected by a vulnerability in the IBM JRE used by WebSphere Application Server (CVE-2012-5081)

2022-09-2520:45:36
www.ibm.com
15
ibm
infosphere
master data management
ibm jre
websphere
application server
cve-2012-5081
vulnerability
java runtime environment

0.042 Low

EPSS

Percentile

92.3%

JSON

Abstract

An unspecified vulnerability in the Java Runtime Environment (JRE) allows remote attackers to affect availability, related to JSSE.

Content

VULNERABILITY DETAILS: ** ** CVE ID: CVE-2012-5081
CVSS Base Score: 5
CVSS Temporal Score: See https://exchange.xforce.ibmcloud.com/vulnerabilities/79435 for the current score
CVSS Environmental Score*: Undefined
CVSS Vector: (AV:N/AC:L/Au:N/C:N/I:N/A:P)

AFFECTED PRODUCTS:
IBM InfoSphere Master Data Management Reference Data Management Hub versions 10.0 and 10.1.

REMEDIATION:

Vendor Fix(es): ** **
For IBM InfoSphere Master Data Management Reference Data Management Hub V10.1 using IBM WebSphere Application Server V8.0.0.0 through 8.0.0.5:

ยท Apply PM75381: This will upgrade your system to SDK 6 (J9 2.6) SR4

For IBM InfoSphere Master Data Management Reference Data Management Hub V10.0 using IBM WebSphere Application Server V7.0.0.0 through 7.0.0.25:

ยท Apply PM75379: This will upgrade your system to SDK 6 SR12

Workaround(s):
None.

Mitigation(s):
None.

REFERENCES:
Complete CVSS Guide
On-line Calculator V2
X-Force Vulnerability Database
CVE-2012-5081

CHANGE HISTORY:
05-Mar-2013 Original version published

_*The CVSS Environment Score is customer environment specific and will ultimately impact the Overall CVSS Score. Customers can evaluate the impact of this vulnerability in their environments by accessing the links in the Reference section of this Flash. _

_Note: _According to the Forum of Incident Response and Security Teams (FIRST), the Common Vulnerability Scoring System (CVSS) is an โ€œindustry open standard designed to convey vulnerability severity and help to determine urgency and priority of response.โ€ IBM PROVIDES THE CVSS SCORES โ€œAS ISโ€ WITHOUT WARRANTY OF ANY KIND, INCLUDING THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE. CUSTOMERS ARE RESPONSIBLE FOR ASSESSING THE IMPACT OF ANY ACTUAL OR POTENTIAL SECURITY VULNERABILITY.

[{โ€œProductโ€:{โ€œcodeโ€:โ€œSSPVUAโ€,โ€œlabelโ€:โ€œIBM InfoSphere Master Data Management Serverโ€},โ€œBusiness Unitโ€:{โ€œcodeโ€:โ€œBU059โ€,โ€œlabelโ€:โ€œIBM Software w/o TPSโ€},โ€œComponentโ€:โ€œGeneral product informationโ€,โ€œPlatformโ€:[{โ€œcodeโ€:โ€œPF002โ€,โ€œlabelโ€:โ€œAIXโ€},{โ€œcodeโ€:โ€œPF027โ€,โ€œlabelโ€:โ€œSolarisโ€},{โ€œcodeโ€:โ€œPF010โ€,โ€œlabelโ€:โ€œHP-UXโ€},{โ€œcodeโ€:โ€œPF016โ€,โ€œlabelโ€:โ€œLinuxโ€}],โ€œVersionโ€:โ€œ10.0;10.1โ€,โ€œEditionโ€:โ€œWebSphereโ€,โ€œLine of Businessโ€:{โ€œcodeโ€:โ€œLOB10โ€,โ€œlabelโ€:โ€œData and AIโ€}}]

Related

ibm 17
nvd 2
prion 2
f5 1
cve 2
ubuntucve 1
cvelist 2
nessus 48
openvas 36
suse 9
redhat 11
cert 1
checkpoint_advisories 1
oraclelinux 3
amazon 2
centos 3
threatpost 1
veracode 22
ubuntu 1
securityvulns 1
oracle 1
gentoo 2
ibm
ibm
Security Bulletin: IBM Tivoli Federated Identity Manager Business Gateway can be affected by a vulnerability in IBM Java Runtime Environment (CVE-2012-5081)
2022-09-25 20:45:36
Security Bulletin: CVSS5 TLS Issue Disclosed in the Summary Advisory for the Oracle October 2012 CPU (CVE-2012-5081)
2022-02-23 17:02:11
Security Bulletin: IBM Tivoli Federated Identity Manager can be affected by a vulnerability in IBM Java Runtime Environment (CVE-2012-5081)
2022-09-25 20:45:36
nvd
nvd
CVE-2012-5081
2012-10-16 21:55:02
CVE-2012-3202
2012-10-17 00:55:02
prion
prion
Design/Logic Flaw
2012-10-16 21:55:00
Design/Logic Flaw
2012-10-17 00:55:00
f5
f5
K21018505 : JRE vulnerability CVE-2012-5081
2018-02-08 00:00:00
cve
cve
CVE-2012-5081
2012-10-16 21:55:02
CVE-2012-3202
2012-10-17 00:55:02
ubuntucve
ubuntucve
CVE-2012-5081
2012-10-16 00:00:00
cvelist
cvelist
CVE-2012-5081
2012-10-16 21:29:00
CVE-2012-3202
2012-10-17 00:00:00
nessus
nessus
Oracle JRockit R27 < R27.7.4.5 / R28 < R28.2.5.20 Multiple Vulnerabilities (October 2012 CPU)
2014-07-18 00:00:00
SUSE SLES10 / SLES11 Security Update : IBM Java 1.4.2 (SUSE-SU-2012:1490-1)
2015-05-20 00:00:00
SuSE 11.2 Security Update : IBM Java 1.4.2 (SAT Patch Number 7043)
2013-01-25 00:00:00
openvas
openvas
SUSE: Security Advisory (SUSE-SU-2012:1490-1)
2021-06-09 00:00:00
Oracle Java SE JRE Multiple Unspecified Vulnerabilities-02 oct12 (Windows)
2012-10-19 00:00:00
Oracle Java SE JRE Multiple Unspecified Vulnerabilities - 02 - (Oct 2012) - Windows
2012-10-19 00:00:00
suse
suse
Security update for IBM Java 1.4.2 (important)
2012-11-16 21:09:15
Security update for IBM Java 1.5.0 (important)
2012-11-16 21:08:57
java-1_6_0-openjdk: update to 1.11.5 icedtea (important)
2012-10-31 17:08:34
redhat
redhat
(RHSA-2012:1485) Critical: java-1.4.2-ibm security update
2012-11-22 00:00:00
(RHSA-2012:1465) Critical: java-1.5.0-ibm security update
2012-11-15 00:00:00
(RHSA-2012:1385) Important: java-1.6.0-openjdk security update
2012-10-17 00:00:00
cert
cert
TLS implementations may disclose side channel information via discrepancies between valid and invalid PKCS#1 padding
2017-12-12 00:00:00
checkpoint_advisories
checkpoint_advisories
ROBOT TLS_RSA Scanning Attempt (CVE-2012-5081; CVE-2016-6883; CVE-2017-1000385; CVE-2017-12373; CVE-2017-13098; CVE-2017-13099; CVE-2017-17382; CVE-2017-17427; CVE-2017-17428; CVE-2017-17841; CVE-2017-6168)
2017-12-17 00:00:00
oraclelinux
oraclelinux
java-1.6.0-openjdk security update
2012-10-17 00:00:00
java-1.6.0-openjdk security update
2012-10-17 00:00:00
java-1.7.0-openjdk security update
2012-10-17 00:00:00
amazon
amazon
Important: java-1.6.0-openjdk
2012-10-23 10:38:00
Important: java-1.7.0-openjdk
2012-10-23 10:38:00
centos
centos
java security update
2012-10-17 21:21:03
java security update
2012-10-17 21:15:32
java security update
2012-10-17 21:16:08
threatpost
threatpost
Apple Patches Java Flaws
2012-10-18 13:44:08
veracode
veracode
Information Disclosure
2019-05-02 04:41:06
Memory Corruption
2019-05-02 04:41:04
Privilege Escalation
2019-05-02 04:41:05
ubuntu
ubuntu
OpenJDK vulnerabilities
2012-10-26 00:00:00
securityvulns
securityvulns
Oracle Java / OpenJDK multiple security vulnerabilities
2012-10-30 00:00:00
oracle
oracle
Oracle Critical Patch Update - October 2012
2012-10-16 00:00:00
gentoo
gentoo
IcedTea JDK: Multiple vulnerabilities
2014-06-29 00:00:00
Oracle JRE/JDK: Multiple vulnerabilities
2014-01-27 00:00:00

0.042 Low

EPSS

Percentile

92.3%

JSON
Related for 231CDD332AADC900F72A89B95AC9C39EF3105159A90F2E23593BEAA9E5E2A95E
ibm17nvd2prion2f51cve2ubuntucve1cvelist2nessus48openvas36suse9redhat11cert1checkpoint_advisories1oraclelinux3amazon2centos3threatpost1veracode22ubuntu1securityvulns1oracle1gentoo2