CVE-2012-0702

IBM Infosphere Information Server - Authentication Bypass

Title source: rule

Description

Information Services Framework (ISF) in IBM InfoSphere Information Server 8.1, 8.5 before FP3, and 8.7 does not properly determine authorization, which allows remote authenticated users to gain privileges via unspecified vectors.

References (2)

[Vendor Advisory] http://www-01.ibm.com/support/docview.wss?uid=swg21623501

[Third Party Advisory, VDB Entry] https://exchange.xforce.ibmcloud.com/vulnerabilities/73287

Scores

EPSS 0.0015

EPSS Percentile 34.7%

Classification

CWE

CWE-287

Status draft

Affected Products (6)

ibm/infosphere_information_server

ibm/infosphere_information_server_information_services_framework

Timeline

Published Jan 31, 2013

Tracked Since Feb 18, 2026