Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2012-0731

Overview

Vulnerability Score 6.8 6.8
CVE Id CVE-2012-0731
Last Modified 14 Feb 2013 11:53:54
Published 03 May 2012 12:08:24
Confidentiality Impact COMPLETE COMPLETE
Integrity Impact NONE NONE
Availability Impact NONE NONE
Access Vector NETWORK
Access Complexity LOW
Authentication SINGLE_INSTANCE

CVE-2012-0731

Summary

IBM Rational AppScan Enterprise 5.x and 8.x before 8.5.0.1 does not prevent service-account impersonation, which allows remote authenticated users to read arbitrary files via unspecified vectors.

Vulnerable Systems

Application

  • Ibm Rational Appscan 5.2

  • Ibm Rational Appscan 5.4

  • Ibm Rational Appscan 5.5.0

  • Ibm Rational Appscan 5.5.0.1

  • Ibm Rational Appscan 5.5.0.2

  • Ibm Rational Appscan 5.6.0

  • Ibm Rational Appscan 5.6.0.3

  • Ibm Rational Appscan 8.0.0

  • Ibm Rational Appscan 8.0.0.1

  • Ibm Rational Appscan 8.0.0.2

  • Ibm Rational Appscan 8.0.0.3

  • Ibm Rational Appscan 8.0.1

  • Ibm Rational Appscan 8.0.1.1

  • Ibm Rational Appscan 8.5.0

  • Ibm Rational Appscan 8.5.0.0


References

XF - ae-config-info-disclosure(74371)

CONFIRM - http://www.ibm.com/support/docview.wss?uid=swg21592188

SECUNIA - 48968

SECUNIA - 48967

BID - 53247


Last Updated: 27 May 2016 10:57:31