IBM Rational Developer For System Z Information Disclosure Vulnerability (Win) Network Vulnerability

Summary

This host is installed with IBM Rational Developer for System z and is prone information disclosure vulnerability.

Impact

Successful exploitation could allow local users to obtain sensitive information via unspecified vectors. Impact Level: Application

Solution

Upgrade to IBM Rational Developer for System z version 8.5.2 or later, For updates refer to http://www.ibm.com/developerworks/downloads/r/rdz/index.html

Insight

The flaw is due to error in the application, which does not properly store the SSL certificate password.

Affected

IBM Rational Developer for System z version 7.1 through 8.5.1 on Windows

References

http://osvdb.org/87925
http://secunia.com/advisories/51401/
http://www-01.ibm.com/support/docview.wss?uid=swg21617886
http://xforce.iss.net/xforce/xfdb/79919

Updated on 2015-03-25

Severity

Classification

CVE CVE-2012-4862
CVSS Base Score: 2.1
AV:L/AC:L/Au:N/C:P/I:N/A:N

Related Vulnerabilities

CPE-based Policy Check
Foxit Phantom Version Detection
Amarok Player Version Detection (Linux)
Compaq WBEM Server Detection
IMAP Banner

IBM Rational Developer for System z Information Disclosure Vulnerability (Win)

Take action and discover your vulnerabilities