Vulnerability Details CVE-2012-4818
IBM InfoSphere Information Server 8.1, 8.5, and 8,7 could allow a remote authenticated attacker to obtain sensitive information, caused by improper restrictions on directories. An attacker could exploit this vulnerability via the DataStage application to load or import content functionality to view arbitrary files on the system.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.002
EPSS Ranking 36.8%
CVSS Severity
CVSS v3 Score 6.5
References
- https://exchange.xforce.ibmcloud.com/vulnerabilities/78651
- https://www.ibm.com/blogs/psirt/security-bulletin-lack-of-path-restriction-may-allow-access-to-sensitive-data-stored-on-ibm-infosphere-information-server-cve-2012-4818/?lnk=hm
- https://exchange.xforce.ibmcloud.com/vulnerabilities/78651
- https://www.ibm.com/blogs/psirt/security-bulletin-lack-of-path-restriction-may-allow-access-to-sensitive-data-stored-on-ibm-infosphere-information-server-cve-2012-4818/?lnk=hm
Products affected by CVE-2012-4818
-
cpe:2.3:a:ibm:infosphere_information_server:8.1
-
cpe:2.3:a:ibm:infosphere_information_server:8.5
-
cpe:2.3:a:ibm:infosphere_information_server:8.7