CVE-2012-3311

Sažetak

IBM WebSphere Application Server (WAS) 6.1 before 6.1.0.45, 7.0 before 7.0.0.25, 8.0 before 8.0.0.5, and 8.5 before 8.5.0.1 on z/OS, in certain configurations involving Federated Repositories for IIOP connections and Optimized Local Adapters, does not perform CBIND checks, which allows local users to bypass intended access restrictions, and read or modify application data, via unspecified vectors.

Reference

http://www.ibm.com/support/docview.wss?uid=swg21611313
http://www.securityfocus.com/bid/55671
http://www-01.ibm.com/support/docview.wss?uid=swg1PM61388
https://exchange.xforce.ibmcloud.com/vulnerabilities/77697

CVSS

Base:	3.3
Impact:	4.9
Exploitability:	3.4

Pristup

Vektor	Složenost	Autentikacija
LOCAL	MEDIUM	NONE

Impact

Povjerljivost	Cjelovitost	Dostupnost
PARTIAL	PARTIAL	NONE

CVSS vektor

AV:L/AC:M/Au:N/C:P/I:P/A:N

Zadnje važnije ažuriranje

29-08-2017 - 01:31

Objavljeno

25-09-2012 - 20:55