CVE-2012-3338

{"id": "CVE-2012-3338", "metrics": {"cvssMetricV2": [{"type": "Primary", "source": "nvd@nist.gov", "cvssData": {"version": "2.0", "baseScore": 5.0, "accessVector": "NETWORK", "vectorString": "AV:N/AC:L/Au:N/C:N/I:P/A:N", "authentication": "NONE", "integrityImpact": "PARTIAL", "accessComplexity": "LOW", "availabilityImpact": "NONE", "confidentialityImpact": "NONE"}, "acInsufInfo": false, "impactScore": 2.9, "baseSeverity": "MEDIUM", "obtainAllPrivilege": false, "exploitabilityScore": 10.0, "obtainUserPrivilege": false, "obtainOtherPrivilege": false, "userInteractionRequired": false}], "cvssMetricV30": [{"type": "Secondary", "source": "psirt@us.ibm.com", "cvssData": {"scope": "UNCHANGED", "version": "3.0", "baseScore": 3.7, "attackVector": "NETWORK", "baseSeverity": "LOW", "vectorString": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N", "integrityImpact": "LOW", "userInteraction": "NONE", "attackComplexity": "HIGH", "availabilityImpact": "NONE", "privilegesRequired": "NONE", "confidentialityImpact": "NONE"}, "impactScore": 1.4, "exploitabilityScore": 2.2}], "cvssMetricV31": [{"type": "Primary", "source": "nvd@nist.gov", "cvssData": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 5.3, "attackVector": "NETWORK", "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N", "integrityImpact": "LOW", "userInteraction": "NONE", "attackComplexity": "LOW", "availabilityImpact": "NONE", "privilegesRequired": "NONE", "confidentialityImpact": "NONE"}, "impactScore": 1.4, "exploitabilityScore": 3.9}]}, "published": "2020-09-01T17:15:11.467", "references": [{"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21611126", "tags": ["Broken Link"], "source": "psirt@us.ibm.com"}, {"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/78286", "tags": ["VDB Entry", "Vendor Advisory"], "source": "psirt@us.ibm.com"}], "vulnStatus": "Analyzed", "weaknesses": [{"type": "Primary", "source": "nvd@nist.gov", "description": [{"lang": "en", "value": "CWE-20"}]}], "descriptions": [{"lang": "en", "value": "IBM InfoSphere Guardium 8.0, 8.01, and 8.2 could allow a remote attacker to bypass security restrictions, caused by improper restrictions on the create new user account functionality. An attacker could exploit this vulnerability to create unprivileged user accounts. IBM X-Force ID: 78286."}, {"lang": "es", "value": "IBM InfoSphere Guardium versiones 8.0, 8.01 y 8.2, podr\u00edan permitir a un atacante remoto omitir las restricciones de seguridad, causada por restricciones inapropiadas en la funcionalidad create new user account. Un atacante podr\u00eda explotar esta vulnerabilidad para crear cuentas de usuario sin privilegios. IBM X-Force ID: 78286"}], "lastModified": "2020-09-04T17:54:33.313", "configurations": [{"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:a:ibm:infosphere_guardium:8.0:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "F5F2BF5E-BFAD-4F09-92AA-409E2B3CFA76"}, {"criteria": "cpe:2.3:a:ibm:infosphere_guardium:8.01:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "1ED23367-8D35-420C-8F59-184764644FB2"}, {"criteria": "cpe:2.3:a:ibm:infosphere_guardium:8.2:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "36B8FA25-B5FA-4623-A703-D9F0CCD8BB65"}], "operator": "OR"}]}], "sourceIdentifier": "psirt@us.ibm.com"}