CVE-2012-0204 — IBM Infosphere Import Export Manager vulnerability

3 documents3 sources

Severity

9.3CRITICALNVD

EPSS

0.7%

top 28.49%

CISA KEV

Not in KEV

Exploit

No known exploits

Affected products

IBM Infosphere Import Export Manager IBM Infosphere Information Server

Timeline

PublishedJan 31

Latest updateMay 4

Description

Untrusted search path vulnerability in InfoSphere Import Export Manager 8.1 through 9.1 in InfoSphere Information Server MetaBrokers & Bridges (MBB) in IBM InfoSphere Information Server 8.1, 8.5 before FP3, 8.7, and 9.1 allows local users to gain privileges via a Trojan horse DLL in the current working directory.

CVSS vector

AV:N/AC:M/C:C/I:C/A:CExploitability: 8.6 | Impact: 10.0

Affected Packages2 packages

▶NVDibm/infosphere_information_server6 versions+5

▶NVDibm/infosphere_import_export_manager6 versions+5

🔴Vulnerability Details

GHSA

GHSA-w2ch-mjm9-88pm: Untrusted search path vulnerability in InfoSphere Import Export Manager 8↗2022-05-04

▶

CVEList

CVE-2012-0204: Untrusted search path vulnerability in InfoSphere Import Export Manager 8↗2013-01-31

▶