Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2012-4816

Overview

Vulnerability Score 7.5 7.5
CVE Id CVE-2012-4816
Last Modified 11 Jan 2013 12:00:00
Published 26 Dec 2012 01:55:01
Confidentiality Impact PARTIAL PARTIAL
Integrity Impact PARTIAL PARTIAL
Availability Impact PARTIAL PARTIAL
Access Vector NETWORK
Access Complexity LOW
Authentication NONE

CVE-2012-4816

Summary

IBM Rational Automation Framework (RAF) 3.x through 3.0.0.5 allows remote attackers to bypass intended Env Gen Wizard (aka Environment Generation Wizard) access restrictions by visiting context roots in HTTP sessions on port 8080.

Vulnerable Systems

Application

  • Ibm Rational Automation Framework 3.0

  • Ibm Rational Automation Framework 3.0.0.1

  • Ibm Rational Automation Framework 3.0.0.2

  • Ibm Rational Automation Framework 3.0.0.3

  • Ibm Rational Automation Framework 3.0.0.4

  • Ibm Rational Automation Framework 3.0.0.5


References

XF - raf-environmentwizard-security-bypass(78379)

CONFIRM - http://www-01.ibm.com/support/docview.wss?uid=swg21620359


Last Updated: 27 May 2016 11:01:30