CVE-2012-4862 - The Host Connect emulator in IBM Rational Developer for System z 7.1 through 8.5.1 does not properly

CVE-2012-4862

Summary

The Host Connect emulator in IBM Rational Developer for System z 7.1 through 8.5.1 does not properly store the SSL certificate password, which allows local users to obtain sensitive information via unspecified vectors.

References

Vulnerable Configurations

cpe:2.3:a:ibm:rational_developer_for_system_z:7.1:*:*:*:*:*:*:*
cpe:2.3:a:ibm:rational_developer_for_system_z:7.1:*:*:*:*:*:*:*
cpe:2.3:a:ibm:rational_developer_for_system_z:7.6.2.1:*:*:*:*:*:*:*
cpe:2.3:a:ibm:rational_developer_for_system_z:7.6.2.1:*:*:*:*:*:*:*
cpe:2.3:a:ibm:rational_developer_for_system_z:7.6.2.2:*:*:*:*:*:*:*
cpe:2.3:a:ibm:rational_developer_for_system_z:7.6.2.2:*:*:*:*:*:*:*
cpe:2.3:a:ibm:rational_developer_for_system_z:7.6.2.3:*:*:*:*:*:*:*
cpe:2.3:a:ibm:rational_developer_for_system_z:7.6.2.3:*:*:*:*:*:*:*
cpe:2.3:a:ibm:rational_developer_for_system_z:7.6.2.4:*:*:*:*:*:*:*
cpe:2.3:a:ibm:rational_developer_for_system_z:7.6.2.4:*:*:*:*:*:*:*
cpe:2.3:a:ibm:rational_developer_for_system_z:8.0.1.0:*:*:*:*:*:*:*
cpe:2.3:a:ibm:rational_developer_for_system_z:8.0.1.0:*:*:*:*:*:*:*
cpe:2.3:a:ibm:rational_developer_for_system_z:8.0.2:*:*:*:*:*:*:*
cpe:2.3:a:ibm:rational_developer_for_system_z:8.0.2:*:*:*:*:*:*:*
cpe:2.3:a:ibm:rational_developer_for_system_z:8.0.3:*:*:*:*:*:*:*
cpe:2.3:a:ibm:rational_developer_for_system_z:8.0.3:*:*:*:*:*:*:*
cpe:2.3:a:ibm:rational_developer_for_system_z:8.0.3.1:*:*:*:*:*:*:*
cpe:2.3:a:ibm:rational_developer_for_system_z:8.0.3.1:*:*:*:*:*:*:*
cpe:2.3:a:ibm:rational_developer_for_system_z:8.0.3.2:*:*:*:*:*:*:*
cpe:2.3:a:ibm:rational_developer_for_system_z:8.0.3.2:*:*:*:*:*:*:*
cpe:2.3:a:ibm:rational_developer_for_system_z:8.0.3.3:*:*:*:*:*:*:*
cpe:2.3:a:ibm:rational_developer_for_system_z:8.0.3.3:*:*:*:*:*:*:*
cpe:2.3:a:ibm:rational_developer_for_system_z:8.5.0:*:*:*:*:*:*:*
cpe:2.3:a:ibm:rational_developer_for_system_z:8.5.0:*:*:*:*:*:*:*
cpe:2.3:a:ibm:rational_developer_for_system_z:8.5.0.1:*:*:*:*:*:*:*
cpe:2.3:a:ibm:rational_developer_for_system_z:8.5.0.1:*:*:*:*:*:*:*
cpe:2.3:a:ibm:rational_developer_for_system_z:8.5.1:*:*:*:*:*:*:*
cpe:2.3:a:ibm:rational_developer_for_system_z:8.5.1:*:*:*:*:*:*:*

CVSS

Base:	2.1 (as of 29-08-2017 - 01:32)
Impact:
Exploitability:

CWE

CWE-255

CAPEC

Access

Vector	Complexity	Authentication
LOCAL	LOW	NONE

Impact

Confidentiality	Integrity	Availability
PARTIAL	NONE	NONE

cvss-vector via4

AV:L/AC:L/Au:N/C:P/I:N/A:N

refmap via4

bid	56725
confirm	http://www.ibm.com/support/docview.wss?uid=swg21617886
sectrack	1027818
secunia	51401
xf	rdz-ssl-info-disclosure(79919)

Last major update

29-08-2017 - 01:32

Published

05-12-2012 - 11:57

Last modified

29-08-2017 - 01:32