CVE-2012-0705

IBM InfoSphere IS <8.5FP3, 8.7, 9.1 - Command Injection

Title source: llm
STIX 2.1

Description

InfoSphere Import Export Manager in InfoSphere Information Server MetaBrokers & Bridges (MBB) in IBM InfoSphere Information Server 8.1, 8.5 before FP3, 8.7, and 9.1 does not validate unspecified input data, which allows remote authenticated users to execute arbitrary commands via unknown vectors.

References (2)

Core 2
Core References
Third Party Advisory, VDB Entry vdb-entry x_refsource_xf
https://exchange.xforce.ibmcloud.com/vulnerabilities/73292
Vendor Advisory x_refsource_confirm
http://www-01.ibm.com/support/docview.wss?uid=swg21623501

Scores

EPSS 0.0176
EPSS Percentile 75.3%

Details

CWE
CWE-20
Status published
Products (7)
ibm/infosphere_information_server 8.1
ibm/infosphere_information_server 8.5
ibm/infosphere_information_server 8.5.0.1
ibm/infosphere_information_server 8.5.0.2
ibm/infosphere_information_server 8.7
ibm/infosphere_information_server 9.1
ibm/infosphere_information_server_metabrokers_\&_bridges
Published Jan 31, 2013
Tracked Since Feb 18, 2026