CVE-2012-3311
Last modified
CVE-2012-3311 is a vulnerability of currently unknown severity. IBM WebSphere Application Server (WAS) 6.1 before 6.1.0.45, 7.0 before 7.0.0.25, 8.0 before 8.0.0.5, and 8.5 before 8.5.0.1 on z/OS, in certain configurations involving Federated Repositories for IIOP connections and Optimized Local Adapters, does not perform CBIND checks, which allows local users to bypass intended access restrictions, and read or modify application data, via unspecified vectors.. EPSS estimates a 0.36% chance of exploitation in the next 30 days.
Description
IBM WebSphere Application Server (WAS) 6.1 before 6.1.0.45, 7.0 before 7.0.0.25, 8.0 before 8.0.0.5, and 8.5 before 8.5.0.1 on z/OS, in certain configurations involving Federated Repositories for IIOP connections and Optimized Local Adapters, does not perform CBIND checks, which allows local users to bypass intended access restrictions, and read or modify application data, via unspecified vectors.
Metrics
Weakness Enumeration
Affected Software
| Vendor | Product | Versions |
|---|---|---|
| Ibm | Websphere Application Server | 6.1.0 |
| Ibm | Websphere Application Server | 6.1.0.0 |
| Ibm | Websphere Application Server | 6.1.0.1 |
| Ibm | Websphere Application Server | 6.1.0.2 |
| Ibm | Websphere Application Server | 6.1.0.3 |
| Ibm | Websphere Application Server | 6.1.0.4 |
| Ibm | Websphere Application Server | 6.1.0.5 |
| Ibm | Websphere Application Server | 6.1.0.7 |
| Ibm | Websphere Application Server | 6.1.0.9 |
| Ibm | Websphere Application Server | 6.1.0.11 |
| Ibm | Websphere Application Server | 6.1.0.12 |
| Ibm | Websphere Application Server | 6.1.0.15 |
| Ibm | Websphere Application Server | 6.1.0.17 |
| Ibm | Websphere Application Server | 6.1.0.19 |
| Ibm | Websphere Application Server | 6.1.0.21 |
| Ibm | Websphere Application Server | 6.1.0.23 |
| Ibm | Websphere Application Server | 6.1.0.25 |
| Ibm | Websphere Application Server | 6.1.0.27 |
| Ibm | Websphere Application Server | 6.1.0.29 |
| Ibm | Websphere Application Server | 6.1.0.31 |
| Ibm | Websphere Application Server | 6.1.0.33 |
| Ibm | Websphere Application Server | 6.1.0.35 |
| Ibm | Websphere Application Server | 6.1.0.37 |
| Ibm | Websphere Application Server | 6.1.0.39 |
| Ibm | Websphere Application Server | 6.1.0.41 |
| Ibm | Websphere Application Server | 6.1.0.43 |
| Ibm | Websphere Application Server | 7.0.0.1 |
| Ibm | Websphere Application Server | 7.0.0.2 |
| Ibm | Websphere Application Server | 7.0.0.3 |
| Ibm | Websphere Application Server | 7.0.0.4 |
| Ibm | Websphere Application Server | 7.0.0.5 |
| Ibm | Websphere Application Server | 7.0.0.6 |
| Ibm | Websphere Application Server | 7.0.0.7 |
| Ibm | Websphere Application Server | 7.0.0.8 |
| Ibm | Websphere Application Server | 7.0.0.9 |
| Ibm | Websphere Application Server | 7.0.0.10 |
| Ibm | Websphere Application Server | 7.0.0.11 |
| Ibm | Websphere Application Server | 7.0.0.13 |
| Ibm | Websphere Application Server | 7.0.0.14 |
| Ibm | Websphere Application Server | 7.0.0.15 |
| Ibm | Websphere Application Server | 7.0.0.16 |
| Ibm | Websphere Application Server | 7.0.0.17 |
| Ibm | Websphere Application Server | 7.0.0.19 |
| Ibm | Websphere Application Server | 7.0.0.21 |
| Ibm | Websphere Application Server | 7.0.0.23 |
| Ibm | Websphere Application Server | 8.0.0.0 |
| Ibm | Websphere Application Server | 8.0.0.1 |
| Ibm | Websphere Application Server | 8.0.0.2 |
| Ibm | Websphere Application Server | 8.0.0.3 |
| Ibm | Websphere Application Server | 8.0.0.4 |
Showing 50 of 51 affected configurations. See NVD for the full list.
References
- http://www.ibm.com/support/docview.wss?uid=swg21611313Vendor Advisory
- http://www.ibm.com/support/docview.wss?uid=swg21611313Vendor Advisory
Timeline
- Published
- Last Modified
- Status
- Modified
Frequently Asked Questions
What is CVE-2012-3311?
How severe is CVE-2012-3311?
How do I fix CVE-2012-3311?
Are you affected by CVE-2012-3311?
Run a free Strix scan to check your systems for this vulnerability.
Scan your code nowSource: NVD / NIST