Vulnerabilities > CVE-2012-4818 - Unspecified vulnerability in IBM Infosphere Information Server 8.1/8.5/8.7

CVSS 6.5 - MEDIUM

Attack vector

NETWORK

Attack complexity

LOW

Privileges required

LOW

Confidentiality impact

HIGH

Integrity impact

NONE

Availability impact

NONE

network

low complexity

ibm

NVD

Published: 2022-09-29

Updated: 2022-10-28

Summary

IBM InfoSphere Information Server 8.1, 8.5, and 8,7 could allow a remote authenticated attacker to obtain sensitive information, caused by improper restrictions on directories. An attacker could exploit this vulnerability via the DataStage application to load or import content functionality to view arbitrary files on the system.

Vulnerable Configurations

Part	Description	Count
Application	Ibm IBM Infosphere Information Server 8.5 IBM Infosphere Information Server 8.7 IBM Infosphere Information Server 8.1	3

References

https://www.ibm.com/blogs/psirt/security-bulletin-lack-of-path-restriction-may-allow-access-to-sensitive-data-stored-on-ibm-infosphere-information-server-cve-2012-4818/?lnk=hm
https://exchange.xforce.ibmcloud.com/vulnerabilities/78651