Vulnerabilities > CVE-2012-0700 - Credentials Management vulnerability in IBM products

CVSS 1.9 - LOW

Attack vector

LOCAL

Attack complexity

MEDIUM

Privileges required

NONE

Confidentiality impact

NONE

Integrity impact

PARTIAL

Availability impact

NONE

local

ibm

CWE-255

NVD

Published: 2013-01-31

Updated: 2017-08-29

Summary

The client in InfoSphere FastTrack 8.1 through 8.7 in IBM InfoSphere Information Server 8.1, 8.5 before FP3, and 8.7 does not properly store credentials, which allows local users to bypass intended access restrictions via unspecified vectors.

Vulnerable Configurations

Part	Description	Count
Application	Ibm IBM Infosphere Fasttrack 8.1 IBM Infosphere Fasttrack 8.1.1 IBM Infosphere Fasttrack 8.1.2 IBM Infosphere Fasttrack 8.5 IBM Infosphere Fasttrack 8.7 IBM Infosphere Information Server 8.1 IBM Infosphere Information Server 8.5 IBM Infosphere Information Server 8.5.0.1 IBM Infosphere Information Server 8.5.0.2 IBM Infosphere Information Server 8.7	10

Common Weakness Enumeration (CWE)

CWE-255 - Credentials Management

Summary

Vulnerable Configurations

Common Weakness Enumeration (CWE)

References