CVE-2012-4816

IBM Rational Automation Framework (RAF) 3.x through 3.0.0.5 allows remote attackers to bypass intended Env Gen Wizard (aka Environment Generation Wizard) access restrictions by visiting context roots in HTTP sessions on port 8080.
ProviderTypeBase ScoreAtk. VectorAtk. ComplexityPriv. RequiredVector
NISTNIST
7.5 UNKNOWN
NETWORK
LOW
AV:N/AC:L/Au:N/C:P/I:P/A:P
ibmCNA
---
---
CVEADP
---
---
Base Score
CVSS 3.x
EPSS Score
Percentile: 45%
VendorProductVersion
ibmrational_automation_framework
3.0
ibmrational_automation_framework
3.0.0.1
ibmrational_automation_framework
3.0.0.2
ibmrational_automation_framework
3.0.0.3
ibmrational_automation_framework
3.0.0.4
ibmrational_automation_framework
3.0.0.5
𝑥
= Vulnerable software versions
Common Weakness Enumeration
References
http://www-01.ibm.com/support/docview.wss?uid=swg21620359
https://exchange.xforce.ibmcloud.com/vulnerabilities/78379
http://www-01.ibm.com/support/docview.wss?uid=swg21620359
https://exchange.xforce.ibmcloud.com/vulnerabilities/78379