CVE-2012-0700 — IBM Infosphere Fasttrack vulnerability

CWE-2557 documents4 sources

Severity

1.9LOWNVD

EPSS

0.0%

top 84.99%

CISA KEV

Not in KEV

Exploit

No known exploits

Affected products

IBM Infosphere Fasttrack IBM Infosphere Information Server

Timeline

PublishedJan 31

Latest updateMay 17

Description

The client in InfoSphere FastTrack 8.1 through 8.7 in IBM InfoSphere Information Server 8.1, 8.5 before FP3, and 8.7 does not properly store credentials, which allows local users to bypass intended access restrictions via unspecified vectors.

CVSS vector

AV:L/AC:M/C:N/I:P/A:NExploitability: 3.4 | Impact: 2.9

Affected Packages2 packages

▶NVDibm/infosphere_information_server5 versions+4

▶NVDibm/infosphere_fasttrack5 versions+4

🔴Vulnerability Details

GHSA

GHSA-3225-8fvw-978w: The client in InfoSphere FastTrack 8↗2022-05-17

▶

CVEList

CVE-2012-0700: The client in InfoSphere FastTrack 8↗2013-01-31

▶

💬Community

Bugzilla

CVE-2012-5577 CVE-2012-5578 python-keyring: insecure permissions on configuration file↗2012-11-28

▶

Bugzilla

CVE-2012-2314 anaconda: Weak permissions by writing password configuration file in bootloader configuration module↗2012-05-04

▶

Bugzilla

CVE-2012-0843 uzbl: world-readable cookie file↗2012-02-11

▶

Bugzilla

CVE-2012-0842 surf: world-readable cookie file↗2012-02-10

▶