Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2011-3391

Overview

Vulnerability Score 4.0 4.0
CVE Id CVE-2011-3391
Last Modified 09 Sep 2011 12:00:00
Published 08 Sep 2011 02:55:05
Confidentiality Impact PARTIAL PARTIAL
Integrity Impact NONE NONE
Availability Impact NONE NONE
Access Vector NETWORK
Access Complexity LOW
Authentication SINGLE_INSTANCE

CVE-2011-3391

Summary

IBM Rational Build Forge 7.1.2 relies on client-side JavaScript code to enforce the EditSecurity permission requirement for the Export Key File function, which allows remote authenticated users to read a key file by removing a disable attribute in the Security sub-menu.

Vulnerable Systems

Application

  • Ibm Rational Build Forge 7.1.2


References

XF - ibm-rational-editsecurity-info-disclosure(69522)

BID - 49407

OSVDB - 74831

AIXAPAR - PM38058

SECTRACK - 1026004

SECUNIA - 45871


Last Updated: 27 May 2016 10:57:42