Vulnerability CVE-2012-3325 - CERT Civis.Net

Vulnerability Name:

CVE-2012-3325 (CCN-77959)

Assigned:

2012-08-28

Published:

2012-08-28

Updated:

2017-08-29

Summary:

IBM WebSphere Application Server (WAS) 6.1.x before 6.1.0.45, 7.0.x before 7.0.0.25, 8.0.x before 8.0.0.5, and 8.5.x Full Profile before 8.5.0.1, when the PM44303 fix is installed, does not properly validate credentials, which allows remote authenticated users to obtain administrative access via unspecified vectors.

CVSS v3 Severity:

4.6 Medium (CCN CVSS v3.1 Vector: CVSS:3.1/AV:N/AC:H/PR:L/UI:R/S:U/C:L/I:L/A:L)

Exploitability Metrics:	Attack Vector (AV): Network Attack Complexity (AC): High Privileges Required (PR): Low User Interaction (UI): Required
Scope:	Scope (S): Unchanged
Impact Metrics:	Confidentiality (C): Low Integrity (I): Low Availibility (A): Low

CVSS v2 Severity:

6.0 Medium (CVSS v2 Vector: AV:N/AC:M/Au:S/C:P/I:P/A:P)
4.4 Medium (Temporal CVSS v2 Vector: AV:N/AC:M/Au:S/C:P/I:P/A:P/E:U/RL:OF/RC:C)

Exploitability Metrics:	Access Vector (AV): Network Access Complexity (AC): Medium Authentication (Au): Single_Instance
Impact Metrics:	Confidentiality (C): Partial Integrity (I): Partial Availibility (A): Partial

6.0 Medium (CCN CVSS v2 Vector: AV:N/AC:M/Au:S/C:P/I:P/A:P)
4.4 Medium (CCN Temporal CVSS v2 Vector: AV:N/AC:M/Au:S/C:P/I:P/A:P/E:U/RL:OF/RC:C)

Exploitability Metrics:	Access Vector (AV): Network Access Complexity (AC): Medium Athentication (Au): Single_Instance
Impact Metrics:	Confidentiality (C): Partial Integrity (I): Partial Availibility (A): Partial

Vulnerability Type:

Vulnerability Consequences:

Bypass Security

References:

Source: MITRE
Type: CNA
CVE-2012-3325

Source: CCN
Type: SA50471
IBM WebSphere Application Server Administrative Access Security Bypass Vulnerability

Source: CCN
Type: SA51306
IBM Intelligent Operations Center Administrative Access Security Bypass Vulnerability

Source: CCN
Type: SA53006
IBM Tivoli System Automation Application Manager Multiple Vulnerabilities

Source: CCN
Type: SA54971
IBM Tivoli Integrated Portal Multiple Vulnerabilities

Source: SECUNIA
Type: UNKNOWN
54971

Source: CCN
Type: SA55115
IBM Tivoli Dynamic Workload Console Multiple Vulnerabilities

Source: SECUNIA
Type: UNKNOWN
55115

Source: AIXAPAR
Type: UNKNOWN
PM71296

Source: CCN
Type: IBM Security Bulletin 1609067
Potential security exposure with IBM WebSphere Application Server after installing PM44303

Source: CCN
Type: IBM Security Bulletin 1611313
Security Vulnerabilities fixed in IBM WebSphere Application Server 7.0.0.25

Source: CCN
Type: IBM Security Bulletin 1614265
Security Vulnerabilities fixed in IBM WebSphere Application Server 8.5.0.1

Source: CCN
Type: IBM Security Bulletin 1616337
Potential security exposure with IBM Rational Developer for System z after installing PM44303 for WebSphere Application Server

Source: CCN
Type: IBM Security Bulletin 1620517
Tivoli Federated Identity Manager Potential security exposure with IBM WebSphere Application Server APAR PM44303 (CVE-2012-3325)

Source: CCN
Type: IBM Security Bulletin 1621420
IBM Service Delivery Manager security exposure after installing PM44303 for WebSphere Application Server (CVE-2012-3325)

Source: CCN
Type: IBM Security Bulletin 1633992
Security Bulletin: Tivoli System Automation Application Mgr 3.2.2 (WAS)

Source: CCN
Type: IBM Security Bulletin 1642791
IBM WebSphere Appliance Management Center, multiple security vulnerabilities in IBM Tivoli Integrated Portal

Source: CCN
Type: IBM Security Bulletin 1646292
Tivoli Business Service Manager - Websphere Potential security exposure(CVE-2012-3325) and Apache Tomcat hash denial of service (CVE-2011-4858)

Source: CCN
Type: IBM Security Bulletin 1646446
Security Vulnerabilities addressed in IBM Tivoli Netcool Performance Manager (CVE-2013-0464, CVE-2012-3325, CVE-2012-3325)

Source: CCN
Type: IBM Security Bulletin 1646503
Tivoli Storage Productivity Center, multiple security vulnerabilities in IBM Tivoli Integrated Portal (CVE-2013-0464, CVE-2012-3325, CVE-2011-4858)

Source: CCN
Type: IBM Security Bulletin 1646737
Potential Security issue for SmartCloud Cost Management (CVE-2013-0464 and CVE-2012-3325)

Source: CCN
Type: IBM Security Bulletin 1650482
IBM Tivoli Key Lifecycle Manager can be affected by multiple vulnerabilities in IBM Tivoli Integrated Portal (CVE-2013-0464, CVE-2012-3325, CVE-2011-4858)

Source: CCN
Type: IBM Security Bulletin 1651284
Tivoli Workload Dynamic Console Vulnerability exposure in Tivoli Integrated Portal component

Source: CCN
Type: IBM Security Bulletin 1654075
Tivoli Netcool/OMNIbus Web GUI - IBM WebSphere Application Server PM44303 security bypass (CVE-2012-3325) and Hash denial of service (CVE-2011-4858)

Source: CCN
Type: IBM Interim Fix PO00087
IBM Intelligent Operations Center interim fix PO00087

Source: CONFIRM
Type: Vendor Advisory
http://www.ibm.com/support/docview.wss?uid=swg21609067

Source: CCN
Type: IBM Security Bulletin 1666077
Security Access Manager for Enterprise Single Sign-On can be affected by a vulnerability in WebSphere Application Server (CVE-2014-0411)

Source: CCN
Type: IBM Security Bulletin 1667352
IBM Security Directory Server can be affected by a vulnerability in IBM WebSphere Application Server (CVE-2014-0411)

Source: CCN
Type: IBM Security Bulletin 1678544
IBM Security Directory Server can be affected by a vulnerability in IBM Runtime Environment, JavaTM Technology Edition Versions 5 and 6 (CVE 2014-0160)

Source: BID
Type: UNKNOWN
55309

Source: CCN
Type: BID-55309
IBM WebSphere Application Server Administrative Access Security Bypass Vulnerability

Source: SECTRACK
Type: UNKNOWN
1027462

Source: XF
Type: UNKNOWN
was-pm44303-security-bypass(77959)

Source: XF
Type: UNKNOWN
was-pm44303-security-bypass(77959)

Source: CCN
Type: IBM Security Bulletin 1611311
Security Vulnerabilities fixed in IBM WebSphere Application Server 6.1.0.45

Source: CCN
Type: IBM Security Bulletin 1618044
Potential security exposure from IBM WebSphere Application Server impacts Rational Application Developer

Source: CCN
Type: IBM Security Bulletin 1672584
IBM Tivoli Directory Integrator can be affected by a vulnerability in IBM Runtime Environment, Java(TM) Technology Edition, Versions 5, 6 and 7 (CVE-2014-0411)

Vulnerable Configuration:

Configuration 1:

cpe:/a:ibm:websphere_application_server:6.1:*:*:*:*:*:*:*

OR cpe:/a:ibm:websphere_application_server:6.1.0:*:*:*:*:*:*:*

OR cpe:/a:ibm:websphere_application_server:6.1.0.0:*:*:*:*:*:*:*

OR cpe:/a:ibm:websphere_application_server:6.1.0.1:*:*:*:*:*:*:*

OR cpe:/a:ibm:websphere_application_server:6.1.0.2:*:*:*:*:*:*:*

OR cpe:/a:ibm:websphere_application_server:6.1.0.3:*:*:*:*:*:*:*

OR cpe:/a:ibm:websphere_application_server:6.1.0.5:*:*:*:*:*:*:*

OR cpe:/a:ibm:websphere_application_server:6.1.0.7:*:*:*:*:*:*:*

OR cpe:/a:ibm:websphere_application_server:6.1.0.9:*:*:*:*:*:*:*

OR cpe:/a:ibm:websphere_application_server:6.1.0.11:*:*:*:*:*:*:*

OR cpe:/a:ibm:websphere_application_server:6.1.0.12:*:*:*:*:*:*:*

OR cpe:/a:ibm:websphere_application_server:6.1.0.15:*:*:*:*:*:*:*

OR cpe:/a:ibm:websphere_application_server:6.1.0.17:*:*:*:*:*:*:*

OR cpe:/a:ibm:websphere_application_server:6.1.0.19:*:*:*:*:*:*:*

OR cpe:/a:ibm:websphere_application_server:6.1.0.21:*:*:*:*:*:*:*

OR cpe:/a:ibm:websphere_application_server:6.1.0.23:*:*:*:*:*:*:*

OR cpe:/a:ibm:websphere_application_server:6.1.0.25:*:*:*:*:*:*:*

OR cpe:/a:ibm:websphere_application_server:6.1.0.27:*:*:*:*:*:*:*

OR cpe:/a:ibm:websphere_application_server:6.1.0.29:*:*:*:*:*:*:*

OR cpe:/a:ibm:websphere_application_server:6.1.0.31:*:*:*:*:*:*:*

OR cpe:/a:ibm:websphere_application_server:6.1.0.33:*:*:*:*:*:*:*

OR cpe:/a:ibm:websphere_application_server:6.1.0.35:*:*:*:*:*:*:*

OR cpe:/a:ibm:websphere_application_server:6.1.0.37:*:*:*:*:*:*:*

OR cpe:/a:ibm:websphere_application_server:6.1.0.39:*:*:*:*:*:*:*

OR cpe:/a:ibm:websphere_application_server:6.1.0.41:*:*:*:*:*:*:*

OR cpe:/a:ibm:websphere_application_server:6.1.0.43:*:*:*:*:*:*:*

OR cpe:/a:ibm:websphere_application_server:6.1.1:*:*:*:*:*:*:*

OR cpe:/a:ibm:websphere_application_server:6.1.3:*:*:*:*:*:*:*

OR cpe:/a:ibm:websphere_application_server:6.1.5:*:*:*:*:*:*:*

OR cpe:/a:ibm:websphere_application_server:6.1.6:*:*:*:*:*:*:*

OR cpe:/a:ibm:websphere_application_server:6.1.7:*:*:*:*:*:*:*

OR cpe:/a:ibm:websphere_application_server:6.1.13:*:*:*:*:*:*:*

OR cpe:/a:ibm:websphere_application_server:6.1.14:*:*:*:*:*:*:*

Configuration 2:

cpe:/a:ibm:websphere_application_server:7.0:*:*:*:*:*:*:*

OR cpe:/a:ibm:websphere_application_server:7.0.0.1:*:*:*:*:*:*:*

OR cpe:/a:ibm:websphere_application_server:7.0.0.2:*:*:*:*:*:*:*

OR cpe:/a:ibm:websphere_application_server:7.0.0.3:*:*:*:*:*:*:*

OR cpe:/a:ibm:websphere_application_server:7.0.0.4:*:*:*:*:*:*:*

OR cpe:/a:ibm:websphere_application_server:7.0.0.5:*:*:*:*:*:*:*

OR cpe:/a:ibm:websphere_application_server:7.0.0.6:*:*:*:*:*:*:*

OR cpe:/a:ibm:websphere_application_server:7.0.0.7:*:*:*:*:*:*:*

OR cpe:/a:ibm:websphere_application_server:7.0.0.8:*:*:*:*:*:*:*

OR cpe:/a:ibm:websphere_application_server:7.0.0.9:*:*:*:*:*:*:*

OR cpe:/a:ibm:websphere_application_server:7.0.0.11:*:*:*:*:*:*:*

OR cpe:/a:ibm:websphere_application_server:7.0.0.13:*:*:*:*:*:*:*

OR cpe:/a:ibm:websphere_application_server:7.0.0.15:*:*:*:*:*:*:*

OR cpe:/a:ibm:websphere_application_server:7.0.0.17:*:*:*:*:*:*:*

OR cpe:/a:ibm:websphere_application_server:7.0.0.19:*:*:*:*:*:*:*

OR cpe:/a:ibm:websphere_application_server:7.0.0.21:*:*:*:*:*:*:*

OR cpe:/a:ibm:websphere_application_server:7.0.0.23:*:*:*:*:*:*:*

Configuration 3:

cpe:/a:ibm:websphere_application_server:8.0.0.0:*:*:*:*:*:*:*

OR cpe:/a:ibm:websphere_application_server:8.0.0.1:*:*:*:*:*:*:*

OR cpe:/a:ibm:websphere_application_server:8.0.0.2:*:*:*:*:*:*:*

OR cpe:/a:ibm:websphere_application_server:8.0.0.3:*:*:*:*:*:*:*

OR cpe:/a:ibm:websphere_application_server:8.0.0.4:*:*:*:*:*:*:*

OR cpe:/a:ibm:websphere_application_server:8.5.0.0:*:*:*:*:*:*:*

Configuration CCN 1:

cpe:/a:ibm:websphere_application_server:6.0:*:*:*:*:*:*:*

OR cpe:/a:ibm:websphere_application_server:6.1:*:*:*:*:*:*:*

OR cpe:/a:ibm:websphere_application_server:7.0:*:*:*:*:*:*:*

OR cpe:/a:ibm:websphere_application_server:8.0:*:*:*:*:*:*:*

OR cpe:/a:ibm:websphere_application_server:8.5:*:*:*:*:*:*:*

AND

cpe:/a:ibm:tivoli_federated_identity_manager:6.1.1:*:*:*:*:*:*:*

OR cpe:/a:ibm:tivoli_federated_identity_manager:6.2.1:*:*:*:*:*:*:*

OR cpe:/a:ibm:tivoli_federated_identity_manager:6.2.0.12:*:*:*:*:*:*:*

OR cpe:/a:ibm:tivoli_federated_identity_manager:6.2.2:*:*:*:*:*:*:*

OR cpe:/a:ibm:intelligent_operations_center:1.5.0:*:*:*:*:*:*:*

OR cpe:/a:ibm:rational_developer_for_system_z:7.1:*:*:*:*:*:*:*

OR cpe:/a:ibm:rational_developer_for_system_z:8.0.1.0:*:*:*:*:*:*:*

OR cpe:/a:ibm:rational_developer_for_system_z:8.5.0:*:*:*:*:*:*:*

OR cpe:/a:ibm:service_delivery_manager:7.2.1.0:*:*:*:*:*:*:*

OR cpe:/a:ibm:service_delivery_manager:7.2.2.0:*:*:*:*:*:*:*

OR cpe:/a:ibm:tivoli_business_service_manager:4.2.1:*:*:*:*:*:*:*

OR cpe:/a:ibm:tivoli_key_lifecycle_manager:2.0.1:*:*:*:*:*:*:*

OR cpe:/o:ibm:security_access_manager:8.2:*:enterprise_single_sign-on:*:*:*:*:*

OR cpe:/a:ibm:security_directory_server:6.1:*:*:*:*:*:*:*

OR cpe:/a:ibm:security_directory_server:6.2:*:*:*:*:*:*:*

OR cpe:/a:ibm:security_directory_server:6.3:*:*:*:*:*:*:*

OR cpe:/a:ibm:security_directory_server:6.3.1:*:*:*:*:*:*:*

Denotes that component is vulnerable