CVE-2012-4818 Information

Description

IBM InfoSphere Information Server 8.1 8.5 and 87 could allow a remote authenticated attacker to obtain sensitive information caused by improper restrictions on directories. An attacker could exploit this vulnerability via the DataStage application to load or import content functionality to view arbitrary files on the system.

CVSS Vector

CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N

Reference

https://www.ibm.com/blogs/psirt/security-bulletin-lack-of-path-restriction-may-allow-access-to-sensitive-data-stored-on-ibm-infosphere-information-server-cve-2012-4818/?lnk=hm https://exchange.xforce.ibmcloud.com/vulnerabilities/78651

Attack Complexity

LOW

Privileges Required

LOW

User Interaction Required

LOW

Scope

NONE

Confidentiality Impact

UNCHANGED

Integrity Impact

HIGH

Availability Impact

NONE

Base Score

NONE

Base Severity

6.5