IBM Rational Developer For System Z Information Disclosure Vulnerability (Win) Network Vulnerability

Summary

This host is installed with IBM Rational Developer for System z and is prone information disclosure vulnerability.

Impact

Successful exploitation could allow local users to obtain sensitive information via unspecified vectors. Impact Level: Application

Solution

Upgrade to IBM Rational Developer for System z version 8.5.2 or later, For updates refer to http://www.ibm.com/developerworks/downloads/r/rdz/index.html

Insight

The flaw is due to error in the application, which does not properly store the SSL certificate password.

Affected

IBM Rational Developer for System z version 7.1 through 8.5.1 on Windows

References

http://osvdb.org/87925
http://secunia.com/advisories/51401/
http://www-01.ibm.com/support/docview.wss?uid=swg21617886
http://xforce.iss.net/xforce/xfdb/79919

Updated on 2015-03-25

Severity

Classification

CVE CVE-2012-4862

CVSS	Base Score: 2.1 AV:L/AC:L/Au:N/C:P/I:N/A:N

Related Vulnerabilities

Get the DNS Name over WMI
Host Summary
Gale Version Detection
HP Jet Admin 7.x Directory Traversal
ISS deployment manager detection

IBM Rational Developer for System z Information Disclosure Vulnerability (Win)

Take action and discover your vulnerabilities