Lucene search
HistoryDec 26, 2012 - 6:55 p.m.
CVE-2012-4816
CVSS2
7.5
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:L/Au:N/C:P/I:P/A:P
AI Score
6.5
Confidence
Low
EPSS
0.005
Percentile
75.2%
IBM Rational Automation Framework (RAF) 3.x through 3.0.0.5 allows remote attackers to bypass intended Env Gen Wizard (aka Environment Generation Wizard) access restrictions by visiting context roots in HTTP sessions on port 8080.
Affected configurations
Node
ibmrational_automation_frameworkMatch3.0
ORibmrational_automation_frameworkMatch3.0.0.1
ORibmrational_automation_frameworkMatch3.0.0.2
ORibmrational_automation_frameworkMatch3.0.0.3
ORibmrational_automation_frameworkMatch3.0.0.4
ORibmrational_automation_frameworkMatch3.0.0.5
| Vendor | Product | Version | CPE |
|---|---|---|---|
| ibm | rational_automation_framework | 3.0 | cpe:2.3:a:ibm:rational_automation_framework:3.0:*:*:*:*:*:*:* |
| ibm | rational_automation_framework | 3.0.0.1 | cpe:2.3:a:ibm:rational_automation_framework:3.0.0.1:*:*:*:*:*:*:* |
| ibm | rational_automation_framework | 3.0.0.2 | cpe:2.3:a:ibm:rational_automation_framework:3.0.0.2:*:*:*:*:*:*:* |
| ibm | rational_automation_framework | 3.0.0.3 | cpe:2.3:a:ibm:rational_automation_framework:3.0.0.3:*:*:*:*:*:*:* |
| ibm | rational_automation_framework | 3.0.0.4 | cpe:2.3:a:ibm:rational_automation_framework:3.0.0.4:*:*:*:*:*:*:* |
| ibm | rational_automation_framework | 3.0.0.5 | cpe:2.3:a:ibm:rational_automation_framework:3.0.0.5:*:*:*:*:*:*:* |
Related
cvelist
cvelist
CVE-2012-4816
2012-12-26 18:00:00
ibm
ibm
cve
cve
CVE-2012-4816
2012-12-26 18:55:01
prion
prion
Design/Logic Flaw
2012-12-26 18:55:00
CVSS2
7.5
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:L/Au:N/C:P/I:P/A:P
AI Score
6.5
Confidence
Low
EPSS
0.005
Percentile
75.2%
Related for NVD:CVE-2012-4816