CVE-2012-3317
Severity
6.9MEDIUM
EPSS
0.2%
top 63.36%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
Timeline
PublishedDec 5
Latest updateMay 17
Description
IBM WebSphere Message Broker 6.1 before 6.1.0.11, 7.0 before 7.0.0.5, and 8.0 before 8.0.0.2 has incorrect ownership of certain uninstaller Java Runtime Environment (JRE) files, which might allow local users to gain privileges by leveraging access to uid 501 or gid 300.
CVSS vector
AV:L/AC:M/C:C/I:C/A:CExploitability: 3.4 | Impact: 10.0