CVE-2012-3311 - Vulnerability Details

IBM WebSphere Application Server (WAS) 6.1 before 6.1.0.45, 7.0 before 7.0.0.25, 8.0 before 8.0.0.5, and 8.5 before 8.5.0.1 on z/OS, in certain configurations involving Federated Repositories for IIOP connections and Optimized Local Adapters, does not perform CBIND checks, which allows local users to bypass intended access restrictions, and read or modify application data, via unspecified vectors.

No CVSS v4.0

No CVSS v3.1

No CVSS v3.0

Access Vector Local

Access Complexity Medium

Authentication None

Confidentiality Impact Partial

Integrity Impact Partial

Availability Impact None

This CVE is not in the KEV list.

Key SSVC decision points have not yet been added.

Vendors	Products
Ibm	Websphere Application Server Z\/os

Configuration 1 [-]

AND

cpe:2.3:o:ibm:z\/os:-:*:*:*:*:*:*:*

OR	cpe:2.3:a:ibm:websphere_application_server:6.1.0:::::::*
	cpe:2.3:a:ibm:websphere_application_server:6.1.0.0:::::::*
	cpe:2.3:a:ibm:websphere_application_server:6.1.0.1:::::::*
	cpe:2.3:a:ibm:websphere_application_server:6.1.0.2:::::::*
	cpe:2.3:a:ibm:websphere_application_server:6.1.0.3:::::::*
	cpe:2.3:a:ibm:websphere_application_server:6.1.0.4:::::::*
	cpe:2.3:a:ibm:websphere_application_server:6.1.0.5:::::::*
	cpe:2.3:a:ibm:websphere_application_server:6.1.0.7:::::::*
	cpe:2.3:a:ibm:websphere_application_server:6.1.0.9:::::::*
	cpe:2.3:a:ibm:websphere_application_server:6.1.0.11:::::::*
	cpe:2.3:a:ibm:websphere_application_server:6.1.0.12:::::::*
	cpe:2.3:a:ibm:websphere_application_server:6.1.0.15:::::::*
	cpe:2.3:a:ibm:websphere_application_server:6.1.0.17:::::::*
	cpe:2.3:a:ibm:websphere_application_server:6.1.0.19:::::::*
	cpe:2.3:a:ibm:websphere_application_server:6.1.0.21:::::::*
	cpe:2.3:a:ibm:websphere_application_server:6.1.0.23:::::::*
	cpe:2.3:a:ibm:websphere_application_server:6.1.0.25:::::::*
	cpe:2.3:a:ibm:websphere_application_server:6.1.0.27:::::::*
	cpe:2.3:a:ibm:websphere_application_server:6.1.0.29:::::::*
	cpe:2.3:a:ibm:websphere_application_server:6.1.0.31:::::::*
	cpe:2.3:a:ibm:websphere_application_server:6.1.0.33:::::::*
	cpe:2.3:a:ibm:websphere_application_server:6.1.0.35:::::::*
	cpe:2.3:a:ibm:websphere_application_server:6.1.0.37:::::::*
	cpe:2.3:a:ibm:websphere_application_server:6.1.0.39:::::::*
	cpe:2.3:a:ibm:websphere_application_server:6.1.0.41:::::::*
	cpe:2.3:a:ibm:websphere_application_server:6.1.0.43:::::::*
	cpe:2.3:a:ibm:websphere_application_server:7.0.0.1:::::::*
	cpe:2.3:a:ibm:websphere_application_server:7.0.0.2:::::::*
	cpe:2.3:a:ibm:websphere_application_server:7.0.0.3:::::::*
	cpe:2.3:a:ibm:websphere_application_server:7.0.0.4:::::::*
	cpe:2.3:a:ibm:websphere_application_server:7.0.0.5:::::::*
	cpe:2.3:a:ibm:websphere_application_server:7.0.0.6:::::::*
	cpe:2.3:a:ibm:websphere_application_server:7.0.0.7:::::::*
	cpe:2.3:a:ibm:websphere_application_server:7.0.0.8:::::::*
	cpe:2.3:a:ibm:websphere_application_server:7.0.0.9:::::::*
	cpe:2.3:a:ibm:websphere_application_server:7.0.0.10:::::::*
	cpe:2.3:a:ibm:websphere_application_server:7.0.0.11:::::::*
	cpe:2.3:a:ibm:websphere_application_server:7.0.0.13:::::::*
	cpe:2.3:a:ibm:websphere_application_server:7.0.0.14:::::::*
	cpe:2.3:a:ibm:websphere_application_server:7.0.0.15:::::::*
	cpe:2.3:a:ibm:websphere_application_server:7.0.0.16:::::::*
	cpe:2.3:a:ibm:websphere_application_server:7.0.0.17:::::::*
	cpe:2.3:a:ibm:websphere_application_server:7.0.0.19:::::::*
	cpe:2.3:a:ibm:websphere_application_server:7.0.0.21:::::::*
	cpe:2.3:a:ibm:websphere_application_server:7.0.0.23:::::::*
	cpe:2.3:a:ibm:websphere_application_server:8.0.0.0:::::::*
	cpe:2.3:a:ibm:websphere_application_server:8.0.0.1:::::::*
	cpe:2.3:a:ibm:websphere_application_server:8.0.0.2:::::::*
	cpe:2.3:a:ibm:websphere_application_server:8.0.0.3:::::::*
	cpe:2.3:a:ibm:websphere_application_server:8.0.0.4:::::::*
	cpe:2.3:a:ibm:websphere_application_server:8.5.0.0:::::::*

No data.

References

Link	Providers
http://www-01.ibm.com/support/docview.wss?uid=swg1PM61388
http://www.ibm.com/support/docview.wss?uid=swg21611313
http://www.securityfocus.com/bid/55671
https://exchange.xforce.ibmcloud.com/vulnerabilities/77697

History

No history.

MITRE

Status: PUBLISHED

Assigner: ibm

Published: 2012-09-25T20:00:00

Updated: 2024-08-06T19:57:50.466Z

Reserved: 2012-06-07T00:00:00

Link: CVE-2012-3311

Vulnrichment

No data.

NVD

Status : Deferred

Published: 2012-09-25T20:55:01.220

Modified: 2025-04-11T00:51:21.963

Link: CVE-2012-3311

Redhat

No data.

{"containers": {"cna": {"affected": [{"product": "n/a", "vendor": "n/a", "versions": [{"status": "affected", "version": "n/a"}]}], "datePublic": "2012-09-24T00:00:00", "descriptions": [{"lang": "en", "value": "IBM WebSphere Application Server (WAS) 6.1 before 6.1.0.45, 7.0 before 7.0.0.25, 8.0 before 8.0.0.5, and 8.5 before 8.5.0.1 on z/OS, in certain configurations involving Federated Repositories for IIOP connections and Optimized Local Adapters, does not perform CBIND checks, which allows local users to bypass intended access restrictions, and read or modify application data, via unspecified vectors."}], "problemTypes": [{"descriptions": [{"description": "n/a", "lang": "en", "type": "text"}]}], "providerMetadata": {"dateUpdated": "2017-08-28T12:57:01", "orgId": "9a959283-ebb5-44b6-b705-dcc2bbced522", "shortName": "ibm"}, "references": [{"tags": ["x_refsource_CONFIRM"], "url": "http://www.ibm.com/support/docview.wss?uid=swg21611313"}, {"name": "55671", "tags": ["vdb-entry", "x_refsource_BID"], "url": "http://www.securityfocus.com/bid/55671"}, {"name": "was-cbind-iiop(77697)", "tags": ["vdb-entry", "x_refsource_XF"], "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/77697"}, {"name": "PM61388", "tags": ["vendor-advisory", "x_refsource_AIXAPAR"], "url": "http://www-01.ibm.com/support/docview.wss?uid=swg1PM61388"}], "x_legacyV4Record": {"CVE_data_meta": {"ASSIGNER": "psirt@us.ibm.com", "ID": "CVE-2012-3311", "STATE": "PUBLIC"}, "affects": {"vendor": {"vendor_data": [{"product": {"product_data": [{"product_name": "n/a", "version": {"version_data": [{"version_value": "n/a"}]}}]}, "vendor_name": "n/a"}]}}, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": {"description_data": [{"lang": "eng", "value": "IBM WebSphere Application Server (WAS) 6.1 before 6.1.0.45, 7.0 before 7.0.0.25, 8.0 before 8.0.0.5, and 8.5 before 8.5.0.1 on z/OS, in certain configurations involving Federated Repositories for IIOP connections and Optimized Local Adapters, does not perform CBIND checks, which allows local users to bypass intended access restrictions, and read or modify application data, via unspecified vectors."}]}, "problemtype": {"problemtype_data": [{"description": [{"lang": "eng", "value": "n/a"}]}]}, "references": {"reference_data": [{"name": "http://www.ibm.com/support/docview.wss?uid=swg21611313", "refsource": "CONFIRM", "url": "http://www.ibm.com/support/docview.wss?uid=swg21611313"}, {"name": "55671", "refsource": "BID", "url": "http://www.securityfocus.com/bid/55671"}, {"name": "was-cbind-iiop(77697)", "refsource": "XF", "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/77697"}, {"name": "PM61388", "refsource": "AIXAPAR", "url": "http://www-01.ibm.com/support/docview.wss?uid=swg1PM61388"}]}}}, "adp": [{"providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-06T19:57:50.466Z"}, "title": "CVE Program Container", "references": [{"tags": ["x_refsource_CONFIRM", "x_transferred"], "url": "http://www.ibm.com/support/docview.wss?uid=swg21611313"}, {"name": "55671", "tags": ["vdb-entry", "x_refsource_BID", "x_transferred"], "url": "http://www.securityfocus.com/bid/55671"}, {"name": "was-cbind-iiop(77697)", "tags": ["vdb-entry", "x_refsource_XF", "x_transferred"], "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/77697"}, {"name": "PM61388", "tags": ["vendor-advisory", "x_refsource_AIXAPAR", "x_transferred"], "url": "http://www-01.ibm.com/support/docview.wss?uid=swg1PM61388"}]}]}, "cveMetadata": {"assignerOrgId": "9a959283-ebb5-44b6-b705-dcc2bbced522", "assignerShortName": "ibm", "cveId": "CVE-2012-3311", "datePublished": "2012-09-25T20:00:00", "dateReserved": "2012-06-07T00:00:00", "dateUpdated": "2024-08-06T19:57:50.466Z", "state": "PUBLISHED"}, "dataType": "CVE_RECORD", "dataVersion": "5.1"}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:ibm:z\\/os:-:*:*:*:*:*:*:*", "matchCriteriaId": "0E97A964-6F9E-4C87-9B90-21AE2C1DF52F", "vulnerable": false}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:a:ibm:websphere_application_server:6.1.0:*:*:*:*:*:*:*", "matchCriteriaId": "95255265-6D69-46D3-9FFA-8EDB1734375C", "vulnerable": true}, {"criteria": "cpe:2.3:a:ibm:websphere_application_server:6.1.0.0:*:*:*:*:*:*:*", "matchCriteriaId": "2E4191D3-64AB-482C-9DEF-DD04C4C942CE", "vulnerable": true}, {"criteria": "cpe:2.3:a:ibm:websphere_application_server:6.1.0.1:*:*:*:*:*:*:*", "matchCriteriaId": "5FC6EB31-9707-408B-8BF5-66BD23441A75", "vulnerable": true}, {"criteria": "cpe:2.3:a:ibm:websphere_application_server:6.1.0.2:*:*:*:*:*:*:*", "matchCriteriaId": "9B73E052-AF4F-4543-AA03-F5B1FA976EA8", "vulnerable": true}, {"criteria": "cpe:2.3:a:ibm:websphere_application_server:6.1.0.3:*:*:*:*:*:*:*", "matchCriteriaId": "23171B81-C991-467A-95A4-EDDAC59C37BC", "vulnerable": true}, {"criteria": "cpe:2.3:a:ibm:websphere_application_server:6.1.0.4:*:*:*:*:*:*:*", "matchCriteriaId": "CBD75308-7F21-4DDF-AD66-C155CF4B721B", "vulnerable": true}, {"criteria": "cpe:2.3:a:ibm:websphere_application_server:6.1.0.5:*:*:*:*:*:*:*", "matchCriteriaId": "2586C584-3258-414B-AB28-1EBA0DBD0B83", "vulnerable": true}, {"criteria": "cpe:2.3:a:ibm:websphere_application_server:6.1.0.7:*:*:*:*:*:*:*", "matchCriteriaId": "BCA175EA-EDC6-4228-8E28-E9BBC981E60A", "vulnerable": true}, {"criteria": "cpe:2.3:a:ibm:websphere_application_server:6.1.0.9:*:*:*:*:*:*:*", "matchCriteriaId": "C6A4EC9D-98C2-40B0-BA40-4838FE8D1FF7", "vulnerable": true}, {"criteria": "cpe:2.3:a:ibm:websphere_application_server:6.1.0.11:*:*:*:*:*:*:*", "matchCriteriaId": "7AF5BB33-4E78-4123-8093-EBEE2F2B5598", "vulnerable": true}, {"criteria": "cpe:2.3:a:ibm:websphere_application_server:6.1.0.12:*:*:*:*:*:*:*", "matchCriteriaId": "E3F4B8EA-9299-42C1-AAFB-831701ED2FA2", "vulnerable": true}, {"criteria": "cpe:2.3:a:ibm:websphere_application_server:6.1.0.15:*:*:*:*:*:*:*", "matchCriteriaId": "13CA9A59-DFE4-4566-8719-E6FA4720F06A", "vulnerable": true}, {"criteria": "cpe:2.3:a:ibm:websphere_application_server:6.1.0.17:*:*:*:*:*:*:*", "matchCriteriaId": "A89DD1BF-4AB0-480D-9856-B1BEA73A4AAD", "vulnerable": true}, {"criteria": "cpe:2.3:a:ibm:websphere_application_server:6.1.0.19:*:*:*:*:*:*:*", "matchCriteriaId": "49E119EF-B6A5-4B6C-B199-C64F62CA7CB2", "vulnerable": true}, {"criteria": "cpe:2.3:a:ibm:websphere_application_server:6.1.0.21:*:*:*:*:*:*:*", "matchCriteriaId": "C9C8FA3D-9162-4D9B-8250-FAC93ED77A2D", "vulnerable": true}, {"criteria": "cpe:2.3:a:ibm:websphere_application_server:6.1.0.23:*:*:*:*:*:*:*", "matchCriteriaId": "E06DE5D4-D3A5-4783-ACE0-A80808DB09C9", "vulnerable": true}, {"criteria": "cpe:2.3:a:ibm:websphere_application_server:6.1.0.25:*:*:*:*:*:*:*", "matchCriteriaId": "ABBABA44-D18E-4329-9C2B-90828DAD468B", "vulnerable": true}, {"criteria": "cpe:2.3:a:ibm:websphere_application_server:6.1.0.27:*:*:*:*:*:*:*", "matchCriteriaId": "BDBB08AC-52AD-4D5A-9E76-AFB283D5FE5C", "vulnerable": true}, {"criteria": "cpe:2.3:a:ibm:websphere_application_server:6.1.0.29:*:*:*:*:*:*:*", "matchCriteriaId": "335D5585-9587-4AD7-A18E-4A3706ABBAF7", "vulnerable": true}, {"criteria": "cpe:2.3:a:ibm:websphere_application_server:6.1.0.31:*:*:*:*:*:*:*", "matchCriteriaId": "A80D58C4-3DCA-4A37-9626-6DC957CEBE90", "vulnerable": true}, {"criteria": "cpe:2.3:a:ibm:websphere_application_server:6.1.0.33:*:*:*:*:*:*:*", "matchCriteriaId": "38ABD537-EA96-4049-AF05-29C8A6C6D96A", "vulnerable": true}, {"criteria": "cpe:2.3:a:ibm:websphere_application_server:6.1.0.35:*:*:*:*:*:*:*", "matchCriteriaId": "DC3B2A9B-C647-4C9E-9F1E-B7996C558EAD", "vulnerable": true}, {"criteria": "cpe:2.3:a:ibm:websphere_application_server:6.1.0.37:*:*:*:*:*:*:*", "matchCriteriaId": "550773DB-D436-4AB3-834D-D8FAC7345A4A", "vulnerable": true}, {"criteria": "cpe:2.3:a:ibm:websphere_application_server:6.1.0.39:*:*:*:*:*:*:*", "matchCriteriaId": "F2F65FE5-113E-43A0-BA47-87D76E709CB3", "vulnerable": true}, {"criteria": "cpe:2.3:a:ibm:websphere_application_server:6.1.0.41:*:*:*:*:*:*:*", "matchCriteriaId": "B0EEE94F-7B2D-43E1-A410-F913D646B25A", "vulnerable": true}, {"criteria": "cpe:2.3:a:ibm:websphere_application_server:6.1.0.43:*:*:*:*:*:*:*", "matchCriteriaId": "E40505D7-F7FB-407D-88E6-8B0AFF5E3546", "vulnerable": true}, {"criteria": "cpe:2.3:a:ibm:websphere_application_server:7.0.0.1:*:*:*:*:*:*:*", "matchCriteriaId": "B108457A-50DC-4432-9E30-98ADBEBF2389", "vulnerable": true}, {"criteria": "cpe:2.3:a:ibm:websphere_application_server:7.0.0.2:*:*:*:*:*:*:*", "matchCriteriaId": "4A8FC820-48D5-4850-82F7-8DA4A18EFF51", "vulnerable": true}, {"criteria": "cpe:2.3:a:ibm:websphere_application_server:7.0.0.3:*:*:*:*:*:*:*", "matchCriteriaId": "0661F4A0-A520-4443-B19D-6885920ADFE5", "vulnerable": true}, {"criteria": "cpe:2.3:a:ibm:websphere_application_server:7.0.0.4:*:*:*:*:*:*:*", "matchCriteriaId": "A553A6E7-64AA-41F2-9B92-4EC715C617B0", "vulnerable": true}, {"criteria": "cpe:2.3:a:ibm:websphere_application_server:7.0.0.5:*:*:*:*:*:*:*", "matchCriteriaId": "9BFBDE57-3895-4841-B23C-06336A7016EB", "vulnerable": true}, {"criteria": "cpe:2.3:a:ibm:websphere_application_server:7.0.0.6:*:*:*:*:*:*:*", "matchCriteriaId": "CF56870A-F9D3-4544-B63A-EFC2E82A1F7D", "vulnerable": true}, {"criteria": "cpe:2.3:a:ibm:websphere_application_server:7.0.0.7:*:*:*:*:*:*:*", "matchCriteriaId": "30B7A7B9-FCD1-4509-93CF-C5B736B04F4B", "vulnerable": true}, {"criteria": "cpe:2.3:a:ibm:websphere_application_server:7.0.0.8:*:*:*:*:*:*:*", "matchCriteriaId": "C93D1CE2-1772-44C0-A8CB-73E9AA1AF6B8", "vulnerable": true}, {"criteria": "cpe:2.3:a:ibm:websphere_application_server:7.0.0.9:*:*:*:*:*:*:*", "matchCriteriaId": "90BA0923-4064-49D3-82A2-EEFC4B0F9A9C", "vulnerable": true}, {"criteria": "cpe:2.3:a:ibm:websphere_application_server:7.0.0.10:*:*:*:*:*:*:*", "matchCriteriaId": "6289CCB4-9A13-4BB5-B44E-7CA936DD8421", "vulnerable": true}, {"criteria": "cpe:2.3:a:ibm:websphere_application_server:7.0.0.11:*:*:*:*:*:*:*", "matchCriteriaId": "833256BB-E2A6-4FE9-BE4F-982578023E43", "vulnerable": true}, {"criteria": "cpe:2.3:a:ibm:websphere_application_server:7.0.0.13:*:*:*:*:*:*:*", "matchCriteriaId": "CE94EFF2-CA86-4179-8250-350DF0D2BE83", "vulnerable": true}, {"criteria": "cpe:2.3:a:ibm:websphere_application_server:7.0.0.14:*:*:*:*:*:*:*", "matchCriteriaId": "373412A5-2971-4C92-BAAE-A1B77D2DA723", "vulnerable": true}, {"criteria": "cpe:2.3:a:ibm:websphere_application_server:7.0.0.15:*:*:*:*:*:*:*", "matchCriteriaId": "920F69CD-DEDB-4393-BE6E-B837BA6820B9", "vulnerable": true}, {"criteria": "cpe:2.3:a:ibm:websphere_application_server:7.0.0.16:*:*:*:*:*:*:*", "matchCriteriaId": "7B5FE844-7F1C-4326-94EF-2CC0B4196085", "vulnerable": true}, {"criteria": "cpe:2.3:a:ibm:websphere_application_server:7.0.0.17:*:*:*:*:*:*:*", "matchCriteriaId": "5662B903-5480-403D-BC3D-2222F88264A6", "vulnerable": true}, {"criteria": "cpe:2.3:a:ibm:websphere_application_server:7.0.0.19:*:*:*:*:*:*:*", "matchCriteriaId": "4D82C3F2-9C50-4D1A-B939-77FC53E44EDF", "vulnerable": true}, {"criteria": "cpe:2.3:a:ibm:websphere_application_server:7.0.0.21:*:*:*:*:*:*:*", "matchCriteriaId": "03E6BAB6-D0D8-4698-BCF9-05D5A256FD37", "vulnerable": true}, {"criteria": "cpe:2.3:a:ibm:websphere_application_server:7.0.0.23:*:*:*:*:*:*:*", "matchCriteriaId": "EF042A51-E34A-482C-8601-9FD09E6C866A", "vulnerable": true}, {"criteria": "cpe:2.3:a:ibm:websphere_application_server:8.0.0.0:*:*:*:*:*:*:*", "matchCriteriaId": "AF1667C5-D19B-469C-82D5-8406B6D75EDE", "vulnerable": true}, {"criteria": "cpe:2.3:a:ibm:websphere_application_server:8.0.0.1:*:*:*:*:*:*:*", "matchCriteriaId": "89551609-69B7-452A-9CB2-04C12D268B41", "vulnerable": true}, {"criteria": "cpe:2.3:a:ibm:websphere_application_server:8.0.0.2:*:*:*:*:*:*:*", "matchCriteriaId": "AF27B7D7-4442-47CA-880D-D3B5412AEF9D", "vulnerable": true}, {"criteria": "cpe:2.3:a:ibm:websphere_application_server:8.0.0.3:*:*:*:*:*:*:*", "matchCriteriaId": "B595B048-4204-49B4-9497-B8D119C8784D", "vulnerable": true}, {"criteria": "cpe:2.3:a:ibm:websphere_application_server:8.0.0.4:*:*:*:*:*:*:*", "matchCriteriaId": "DC38B5D4-66A3-4671-9099-0F38D283BA94", "vulnerable": true}, {"criteria": "cpe:2.3:a:ibm:websphere_application_server:8.5.0.0:*:*:*:*:*:*:*", "matchCriteriaId": "1FD8F9CE-4E98-4187-B84A-429FA1C65E2D", "vulnerable": true}], "negate": false, "operator": "OR"}], "operator": "AND"}], "cveTags": [], "descriptions": [{"lang": "en", "value": "IBM WebSphere Application Server (WAS) 6.1 before 6.1.0.45, 7.0 before 7.0.0.25, 8.0 before 8.0.0.5, and 8.5 before 8.5.0.1 on z/OS, in certain configurations involving Federated Repositories for IIOP connections and Optimized Local Adapters, does not perform CBIND checks, which allows local users to bypass intended access restrictions, and read or modify application data, via unspecified vectors."}, {"lang": "es", "value": "IBM WebSphere Application Server (WAS) v6.1 anteriores a v6.1.0.45, 7.0 anteriores a v7.0.0.25, 8.0 anteriores a v8.0.0.5, y 8.5 anteriores a v8.5.0.1 en z/OS, en ciertas configuraciones que implican Federated Repositories para conexiones IIOP y Optimized Local Adapters, no hacen las comprobaciones CBIND, lo que permite a usuarios locales evitar las restricciones de acceso establecidas, y leer y modificar datos de aplicaciones, a trav\u00e9s de vectores no espec\u00edficos."}], "id": "CVE-2012-3311", "lastModified": "2025-04-11T00:51:21.963", "metrics": {"cvssMetricV2": [{"acInsufInfo": false, "baseSeverity": "LOW", "cvssData": {"accessComplexity": "MEDIUM", "accessVector": "LOCAL", "authentication": "NONE", "availabilityImpact": "NONE", "baseScore": 3.3, "confidentialityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "vectorString": "AV:L/AC:M/Au:N/C:P/I:P/A:N", "version": "2.0"}, "exploitabilityScore": 3.4, "impactScore": 4.9, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": false}]}, "published": "2012-09-25T20:55:01.220", "references": [{"source": "psirt@us.ibm.com", "url": "http://www-01.ibm.com/support/docview.wss?uid=swg1PM61388"}, {"source": "psirt@us.ibm.com", "tags": ["Vendor Advisory"], "url": "http://www.ibm.com/support/docview.wss?uid=swg21611313"}, {"source": "psirt@us.ibm.com", "url": "http://www.securityfocus.com/bid/55671"}, {"source": "psirt@us.ibm.com", "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/77697"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www-01.ibm.com/support/docview.wss?uid=swg1PM61388"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Vendor Advisory"], "url": "http://www.ibm.com/support/docview.wss?uid=swg21611313"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.securityfocus.com/bid/55671"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/77697"}], "sourceIdentifier": "psirt@us.ibm.com", "vulnStatus": "Deferred", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-264"}], "source": "nvd@nist.gov", "type": "Primary"}]}

Metrics

Access Vector Local

Access Complexity Medium

Authentication None

Confidentiality Impact Partial

Integrity Impact Partial

Availability Impact None

Affected Vendors & Products

Metrics

Access Vector Local

Access Complexity Medium

Authentication None

Confidentiality Impact Partial

Integrity Impact Partial

Availability Impact None

Affected Vendors & Products

JSON object

JSON object

JSON object

JSON object