7.5

CVE-2012-2203

EPSS 0.96%
Veröffentlicht 08.08.2012 10:26:18
Zuletzt bearbeitet 11.04.2025 00:51:21
Quelle psirt@us.ibm.com
Teams Watchlist Login
Unerledigt Login

IBM Global Security Kit (aka GSKit) before 8.0.14.22, as used in IBM Rational Directory Server, IBM Tivoli Directory Server, and other products, uses the PKCS #12 file format for certificate objects without enforcing file integrity, which makes it easier for remote attackers to spoof SSL servers via vectors involving insertion of an arbitrary root Certification Authority (CA) certificate.

Betroffene Produkte Warnungen 0 Metriken 2 CWE 0 Referenzen 9

Daten sind bereitgestellt durch National Vulnerability Database (NVD)

Ibm ≫ Global Security Kit Version <= 8.0.13

Ibm ≫ Global Security Kit Version7.0.4.28

Ibm ≫ Global Security Kit Version7.0.4.29

Ibm ≫ Rational Directory Server

Ibm ≫ Tivoli Directory Server

Zu dieser CVE wurde keine CISA KEV oder CERT.AT-Warnung gefunden.

EPSS Metriken
Typ	Quelle	Score	Percentile
EPSS	FIRST.org	0.96%	0.744

CVSS Metriken
Quelle	Base Score	Exploit Score	Impact Score	Vector String
nvd@nist.gov	7.5	10	6.4	AV:N/AC:L/Au:N/C:P/I:P/A:P

http://secunia.com/advisories/51279

http://www-01.ibm.com/support/docview.wss?uid=swg21606145

Vendor Advisory

http://www.securityfocus.com/bid/54743

http://www-01.ibm.com/support/docview.wss?uid=swg1IV31973

http://www-01.ibm.com/support/docview.wss?uid=swg1IV31975

https://exchange.xforce.ibmcloud.com/vulnerabilities/77280

https://nvd.nist.gov/vuln/detail/CVE-2012-2203

CVE Source (NVD)

https://cveawg.mitre.org/api/cve/CVE-2012-2203

CVE Source (JSON)

https://euvd.enisa.europa.eu/vulnerability/CVE-2012-2203

EUVD