CVE-2012-0734 : IBM Rational AppScan Enterprise 5.x and 8.x before 8.5.0.1 does not properly imp

IBM Rational AppScan Enterprise 5.x and 8.x before 8.5.0.1 does not properly import jobs, which allows man-in-the-middle attackers to obtain sensitive information or possibly have unspecified other impact via a crafted job.

Published 2012-05-03 04:08:25

Updated 2025-04-11 00:51:22

Source IBM Corporation

View at NVD, CVE.org

Products affected by CVE-2012-0734

IBM » Rational Appscan » Version: 5.5.0.2 Enterprise Edition
cpe:2.3:a:ibm:rational_appscan:5.5.0.2:*:enterprise:*:*:*:*:*
Matching versions
IBM » Rational Appscan » Version: 5.4 Enterprise Edition
cpe:2.3:a:ibm:rational_appscan:5.4:*:enterprise:*:*:*:*:*
Matching versions
IBM » Rational Appscan » Version: 5.5.0.1 Enterprise Edition
cpe:2.3:a:ibm:rational_appscan:5.5.0.1:*:enterprise:*:*:*:*:*
Matching versions
IBM » Rational Appscan » Version: 5.6.0 Enterprise Edition
cpe:2.3:a:ibm:rational_appscan:5.6.0:*:enterprise:*:*:*:*:*
Matching versions
IBM » Rational Appscan » Version: 8.0.0.2 Enterprise Edition
cpe:2.3:a:ibm:rational_appscan:8.0.0.2:*:enterprise:*:*:*:*:*
Matching versions
IBM » Rational Appscan » Version: 8.0.1 Enterprise Edition
cpe:2.3:a:ibm:rational_appscan:8.0.1:*:enterprise:*:*:*:*:*
Matching versions
IBM » Rational Appscan » Version: 5.6.0.3 Enterprise Edition
cpe:2.3:a:ibm:rational_appscan:5.6.0.3:*:enterprise:*:*:*:*:*
Matching versions
IBM » Rational Appscan » Version: 8.0.0 Enterprise Edition
cpe:2.3:a:ibm:rational_appscan:8.0.0:*:enterprise:*:*:*:*:*
Matching versions
IBM » Rational Appscan » Version: 5.5.0 Enterprise Edition
cpe:2.3:a:ibm:rational_appscan:5.5.0:*:enterprise:*:*:*:*:*
Matching versions
IBM » Rational Appscan » Version: 5.2 Enterprise Edition
cpe:2.3:a:ibm:rational_appscan:5.2:*:enterprise:*:*:*:*:*
Matching versions
IBM » Rational Appscan » Version: 8.0.0.1 Enterprise Edition
cpe:2.3:a:ibm:rational_appscan:8.0.0.1:*:enterprise:*:*:*:*:*
Matching versions
IBM » Rational Appscan » Version: 8.0.0.3 Enterprise Edition
cpe:2.3:a:ibm:rational_appscan:8.0.0.3:*:enterprise:*:*:*:*:*
Matching versions
IBM » Rational Appscan » Version: 8.0.1.1 Enterprise Edition
cpe:2.3:a:ibm:rational_appscan:8.0.1.1:*:enterprise:*:*:*:*:*
Matching versions
IBM » Rational Appscan » Version: 8.5.0 Enterprise Edition
cpe:2.3:a:ibm:rational_appscan:8.5.0:*:enterprise:*:*:*:*:*
Matching versions
IBM » Rational Appscan » Version: 8.5.0.0 Enterprise Edition
cpe:2.3:a:ibm:rational_appscan:8.5.0.0:*:enterprise:*:*:*:*:*
Matching versions

Exploit prediction scoring system (EPSS) score for CVE-2012-0734

EPSS FAQ

0.52%

Probability of exploitation activity in the next 30 days EPSS Score History

~ 64 %

Percentile, the proportion of vulnerabilities that are scored at or less

CVSS scores for CVE-2012-0734

Base Score	Base Severity	CVSS Vector	Exploitability Score	Impact Score	Score Source	First Seen
7.6	HIGH	AV:N/AC:H/Au:N/C:C/I:C/A:C	4.9	10.0	NIST
Access Vector: Network Access Complexity: High Authentication: None Confidentiality Impact: Complete Integrity Impact: Complete Availability Impact: Complete

References for CVE-2012-0734

http://secunia.com/advisories/48968

Sign in

CVEs referencing this url
http://www.securityfocus.com/bid/53247

IBM Rational Products Multiple Security Vulnerabilities

CVEs referencing this url
http://secunia.com/advisories/48967

Sign in

CVEs referencing this url
http://www.ibm.com/support/docview.wss?uid=swg21592188

IBM notice: The page you requested cannot be displayed
Vendor Advisory

CVEs referencing this url
https://exchange.xforce.ibmcloud.com/vulnerabilities/74557

AppScan Enterprise import job information disclosure CVE-2012-0734 Vulnerability Report

Jump to

Vulnerability Details : CVE-2012-0734

Products affected by CVE-2012-0734

Exploit prediction scoring system (EPSS) score for CVE-2012-0734

CVSS scores for CVE-2012-0734

References for CVE-2012-0734