CVE-2012-4818

IBM InfoSphere Information Server 8.1, 8.5, and 8,7 could allow a remote authenticated attacker to obtain sensitive information, caused by improper restrictions on directories. An attacker could exploit this vulnerability via the DataStage application to load or import content functionality to view arbitrary files on the system.

Published: Sep 29, 2022
Updated: Apr 13, 2023
CVE: CVE-2012-4818
Severity: Medium
Exploit:

CVSS v3:

Severity: Medium
Score: 6.5
AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N

No CWE or OWASP classifications available.

Affected Software
References

Software	From	Fixed in
ibm / infosphere_information_server	8.5	8.5.x
ibm / infosphere_information_server	8.7	8.7.x
ibm / infosphere_information_server	8.1	8.1.x

https://exchange.xforce.ibmcloud.com/vulnerabilities/78651
https://www.ibm.com/blogs/psirt/security-bulletin-lack-of-path-restriction-may-allow-access-to-sensitive-data-stored-on-ibm-infosphere-information-server-cve-2012-4818/?lnk=hm

Vulnerability Database

289,784

CVE-2012-4818