IBM Rational Automation Framework (RAF) 3.x through 3.0.0.5 allows remote attackers to bypass intended Env Gen Wizard (aka Environment Generation Wizard) access restrictions by visiting context roots in HTTP sessions on port 8080.
References
Link | Resource |
---|---|
http://www-01.ibm.com/support/docview.wss?uid=swg21620359 | Vendor Advisory |
https://exchange.xforce.ibmcloud.com/vulnerabilities/78379 |
Configurations
Configuration 1 (hide)
|
History
No history.
Information
Published : 2012-12-26 18:55
Updated : 2024-02-28 12:00
NVD link : CVE-2012-4816
Mitre link : CVE-2012-4816
CVE.ORG link : CVE-2012-4816
JSON object : View
Products Affected
ibm
- rational_automation_framework
CWE
CWE-264
Permissions, Privileges, and Access Controls