CVE-2012-4832
IBM InfoSphere Information Server <8.5 FP3 - Info Disclosure
Title source: llmDescription
Information Services Framework (ISF) in IBM InfoSphere Information Server 8.1, 8.5 before FP3, and 8.7 and InfoSphere Business Glossary 8.1.1 and 8.1.2 does not have an off autocomplete attribute for the password field on the login page, which makes it easier for remote attackers to obtain access by leveraging an unattended workstation.
References (2)
Core 2
Core References
Vendor Advisory x_refsource_confirm
http://www-01.ibm.com/support/docview.wss?uid=swg21623501
Third Party Advisory, VDB Entry vdb-entry
x_refsource_xf
https://exchange.xforce.ibmcloud.com/vulnerabilities/78906
Scores
EPSS
0.0048
EPSS Percentile
38.0%
Details
CWE
CWE-200
Status
published
Products (7)
ibm/infosphere_business_glossary
8.1.1
ibm/infosphere_business_glossary
8.1.2
ibm/infosphere_information_server
8.1
ibm/infosphere_information_server
8.5
ibm/infosphere_information_server
8.5.0.1
ibm/infosphere_information_server
8.5.0.2
ibm/infosphere_information_server
8.7
Published
Jan 31, 2013
Tracked Since
Feb 18, 2026