Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2012-4862

Overview

Vulnerability Score 2.1 2.1
CVE Id CVE-2012-4862
Last Modified 10 Apr 2013 11:31:18
Published 05 Dec 2012 06:57:14
Confidentiality Impact PARTIAL PARTIAL
Integrity Impact NONE NONE
Availability Impact NONE NONE
Access Vector LOCAL
Access Complexity LOW
Authentication NONE

CVE-2012-4862

Summary

The Host Connect emulator in IBM Rational Developer for System z 7.1 through 8.5.1 does not properly store the SSL certificate password, which allows local users to obtain sensitive information via unspecified vectors.

Vulnerable Systems

Application

  • Ibm Rational Developer For System Z 7.1

  • Ibm Rational Developer For System Z 7.6.2.1

  • Ibm Rational Developer For System Z 7.6.2.2

  • Ibm Rational Developer For System Z 7.6.2.3

  • Ibm Rational Developer For System Z 7.6.2.4

  • Ibm Rational Developer For System Z 8.0.1.0

  • Ibm Rational Developer For System Z 8.0.2

  • Ibm Rational Developer For System Z 8.0.3

  • Ibm Rational Developer For System Z 8.0.3.1

  • Ibm Rational Developer For System Z 8.0.3.2

  • Ibm Rational Developer For System Z 8.0.3.3

  • Ibm Rational Developer For System Z 8.5.0

  • Ibm Rational Developer For System Z 8.5.0.1

  • Ibm Rational Developer For System Z 8.5.1


References

XF - rdz-ssl-info-disclosure(79919)

CONFIRM - http://www.ibm.com/support/docview.wss?uid=swg21617886

BID - 56725

SECTRACK - 1027818

SECUNIA - 51401


Last Updated: 27 May 2016 11:01:56