Vulnerability Name: | CVE-2012-0705 (CCN-73292) | ||||||||
Assigned: | 2012-01-17 | ||||||||
Published: | 2013-01-11 | ||||||||
Updated: | 2017-08-29 | ||||||||
Summary: | InfoSphere Import Export Manager in InfoSphere Information Server MetaBrokers & Bridges (MBB) in IBM InfoSphere Information Server 8.1, 8.5 before FP3, 8.7, and 9.1 does not validate unspecified input data, which allows remote authenticated users to execute arbitrary commands via unknown vectors. | ||||||||
CVSS v3 Severity: | 8.0 High (CCN CVSS v3.1 Vector: CVSS:3.1/AV:N/AC:H/PR:L/UI:R/S:C/C:H/I:H/A:H)
| ||||||||
CVSS v2 Severity: | 7.1 High (CVSS v2 Vector: AV:N/AC:H/Au:S/C:C/I:C/A:C) 5.3 Medium (Temporal CVSS v2 Vector: AV:N/AC:H/Au:S/C:C/I:C/A:C/E:U/RL:OF/RC:C)
5.3 Medium (CCN Temporal CVSS v2 Vector: AV:N/AC:H/Au:S/C:C/I:C/A:C/E:U/RL:OF/RC:C)
| ||||||||
Vulnerability Type: | CWE-20 | ||||||||
Vulnerability Consequences: | Gain Privileges | ||||||||
References: | Source: MITRE Type: CNA CVE-2012-0705 Source: CCN Type: SA52020 IBM InfoSphere Information Two Vulnerabilities Source: CCN Type: IBM Security Bulletin 1623501 Multiple security vulnerabilities in the IBM InfoSphere Information Server Suite Source: CONFIRM Type: Vendor Advisory http://www-01.ibm.com/support/docview.wss?uid=swg21623501 Source: XF Type: UNKNOWN infosphere-iem-cmd-execution(73292) Source: XF Type: UNKNOWN infosphere-iem-cmd-execution(73292) | ||||||||
Vulnerable Configuration: | Configuration 1: Configuration CCN 1: ![]() | ||||||||
BACK |