CVE-2012-5938

{"id": "CVE-2012-5938", "metrics": {"cvssMetricV2": [{"type": "Primary", "source": "nvd@nist.gov", "cvssData": {"version": "2.0", "baseScore": 7.2, "accessVector": "LOCAL", "vectorString": "AV:L/AC:L/Au:N/C:C/I:C/A:C", "authentication": "NONE", "integrityImpact": "COMPLETE", "accessComplexity": "LOW", "availabilityImpact": "COMPLETE", "confidentialityImpact": "COMPLETE"}, "acInsufInfo": false, "impactScore": 10.0, "baseSeverity": "HIGH", "obtainAllPrivilege": false, "exploitabilityScore": 3.9, "obtainUserPrivilege": false, "obtainOtherPrivilege": false, "userInteractionRequired": false}]}, "published": "2013-03-20T14:55:04.107", "references": [{"url": "http://www.ibm.com/support/docview.wss?uid=swg21628844", "source": "psirt@us.ibm.com"}, {"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/80493", "source": "psirt@us.ibm.com"}], "vulnStatus": "Modified", "weaknesses": [{"type": "Primary", "source": "nvd@nist.gov", "description": [{"lang": "en", "value": "CWE-264"}]}], "descriptions": [{"lang": "en", "value": "The installation process in IBM InfoSphere Information Server 8.1, 8.5, 8.7, and 9.1 on UNIX and Linux sets incorrect permissions and ownerships for unspecified files, which allows local users to bypass intended access restrictions via standard filesystem operations."}, {"lang": "es", "value": "El proceso de instalaci\u00f3n en IBM InfoSphere Information Server v8.1, v8.5, v8.7 y v9.1 sobre UNIX y Linux, establece permisos y propietarios incorrectamente, lo que permite a usuarios locales evitar las restricciones de acceso establecidas a trav\u00e9s de de operaciones est\u00e1ndar con archivos."}], "lastModified": "2017-08-29T01:32:52.137", "configurations": [{"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:a:ibm:infosphere_information_server:8.1:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "317FAE67-76E2-4084-9393-8A02D255BAF5"}, {"criteria": "cpe:2.3:a:ibm:infosphere_information_server:8.5:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "CA7096B4-291F-49BB-8DBC-E67AC901CF08"}, {"criteria": "cpe:2.3:a:ibm:infosphere_information_server:8.7:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "42A9CF5C-79EC-4BBF-92AF-2AB3DC125684"}, {"criteria": "cpe:2.3:a:ibm:infosphere_information_server:9.1:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "F3BF0A4B-5DDB-420D-B1F2-8C1ED23F60CF"}], "operator": "OR"}, {"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:conectiva:linux:*:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "C74C8F2C-92F4-4A9F-BF5A-8B5DF1A50DC7"}, {"criteria": "cpe:2.3:o:novell:unixware:*:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "4E2755DC-36FD-4634-B478-CAA9BE504ECF"}], "operator": "OR"}], "operator": "AND"}], "sourceIdentifier": "psirt@us.ibm.com"}