CVE-2012-0702

Published: Jan 31, 2013Modified: Apr 29, 2026

4.0

Vector

AV:N/AC:L/Au:S/C:P/I:N/A:N

Exploitability: 8.0 / Impact: 2.9

Source: NVD

Description

Information Services Framework (ISF) in IBM InfoSphere Information Server 8.1, 8.5 before FP3, and 8.7 does not properly determine authorization, which allows remote authenticated users to gain privileges via unspecified vectors.

Affected (6)

Products: Ibm: Infosphere Information Server, Infosphere Information Server Information Services Framework

Ibm

2 products

Infosphere Information Server

Infosphere Information Server Information Services Framework

Configuration A

6 vulnerable

Vulnerable Software	Affected Versions
Ibm Infosphere Information Server	Version 8.1
Ibm Infosphere Information Server	Version 8.5.0.1
Ibm Infosphere Information Server	Version 8.5.0.2
Ibm Infosphere Information Server	Version 8.5
Ibm Infosphere Information Server	Version 8.7
Ibm Infosphere Information Server Information Services Framework	All versions

Related CWEs

CWE-287

Improper Authentication

When an actor claims to have a given identity, the product does not prove or insufficiently proves that the claim is correct.

References (4)

http://www-01.ibm.com/support/docview.wss?uid=swg21623501

Source: psirt@us.ibm.com

Vendor Advisory

https://exchange.xforce.ibmcloud.com/vulnerabilities/73287

Source: psirt@us.ibm.com

http://www-01.ibm.com/support/docview.wss?uid=swg21623501

Source: af854a3a-2127-422b-91ae-364da2661108

Vendor Advisory

https://exchange.xforce.ibmcloud.com/vulnerabilities/73287

Source: af854a3a-2127-422b-91ae-364da2661108

Timeline

No history available yet.