{"containers": {"cna": {"affected": [{"product": "InfoSphere Guardium", "vendor": "IBM", "versions": [{"status": "affected", "version": "8.0"}, {"status": "affected", "version": "8.01"}, {"status": "affected", "version": "8.2"}]}], "datePublic": "2012-09-28T00:00:00", "descriptions": [{"lang": "en", "value": "IBM InfoSphere Guardium 8.0, 8.01, and 8.2 could allow a remote attacker to bypass security restrictions, caused by improper restrictions on the create new user account functionality. An attacker could exploit this vulnerability to create unprivileged user accounts. IBM X-Force ID: 78286."}], "metrics": [{"cvssV3_0": {"attackComplexity": "HIGH", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 3.7, "baseSeverity": "LOW", "confidentialityImpact": "NONE", "exploitCodeMaturity": "UNPROVEN", "integrityImpact": "LOW", "privilegesRequired": "NONE", "remediationLevel": "OFFICIAL_FIX", "reportConfidence": "CONFIRMED", "scope": "UNCHANGED", "temporalScore": 3.2, "temporalSeverity": "LOW", "userInteraction": "NONE", "vectorString": "CVSS:3.0/AC:H/A:N/UI:N/AV:N/C:N/PR:N/S:U/I:L/E:U/RC:C/RL:O", "version": "3.0"}}], "problemTypes": [{"descriptions": [{"description": "Gain Access", "lang": "en", "type": "text"}]}], "providerMetadata": {"dateUpdated": "2020-09-01T16:08:58", "orgId": "9a959283-ebb5-44b6-b705-dcc2bbced522", "shortName": "ibm"}, "references": [{"tags": ["x_refsource_CONFIRM"], "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21611126"}, {"name": "infosphereguardium-useracct-create (78286)", "tags": ["vdb-entry", "x_refsource_XF"], "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/78286"}], "x_legacyV4Record": {"CVE_data_meta": {"ASSIGNER": "psirt@us.ibm.com", "DATE_PUBLIC": "2012-09-28T00:00:00", "ID": "CVE-2012-3338", "STATE": "PUBLIC"}, "affects": {"vendor": {"vendor_data": [{"product": {"product_data": [{"product_name": "InfoSphere Guardium", "version": {"version_data": [{"version_value": "8.0"}, {"version_value": "8.01"}, {"version_value": "8.2"}]}}]}, "vendor_name": "IBM"}]}}, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": {"description_data": [{"lang": "eng", "value": "IBM InfoSphere Guardium 8.0, 8.01, and 8.2 could allow a remote attacker to bypass security restrictions, caused by improper restrictions on the create new user account functionality. An attacker could exploit this vulnerability to create unprivileged user accounts. IBM X-Force ID: 78286."}]}, "impact": {"cvssv3": {"BM": {"A": "N", "AC": "H", "AV": "N", "C": "N", "I": "L", "PR": "N", "S": "U", "UI": "N"}, "TM": {"E": "U", "RC": "C", "RL": "O"}}}, "problemtype": {"problemtype_data": [{"description": [{"lang": "eng", "value": "Gain Access"}]}]}, "references": {"reference_data": [{"name": "http://www-01.ibm.com/support/docview.wss?uid=swg21611126", "refsource": "CONFIRM", "title": "IBM Security Bulletin 1611126", "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21611126"}, {"name": "infosphereguardium-useracct-create (78286)", "refsource": "XF", "title": "X-Force Vulnerability Report", "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/78286"}]}}}}, "cveMetadata": {"assignerOrgId": "9a959283-ebb5-44b6-b705-dcc2bbced522", "assignerShortName": "ibm", "cveId": "CVE-2012-3338", "datePublished": "2012-09-28T00:00:00", "dateReserved": "2012-06-07T00:00:00", "dateUpdated": "2020-09-01T16:08:58", "state": "PUBLISHED"}, "dataType": "CVE_RECORD", "dataVersion": "5.0"}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:ibm:infosphere_guardium:8.0:*:*:*:*:*:*:*", "matchCriteriaId": "F5F2BF5E-BFAD-4F09-92AA-409E2B3CFA76", "vulnerable": true}, {"criteria": "cpe:2.3:a:ibm:infosphere_guardium:8.01:*:*:*:*:*:*:*", "matchCriteriaId": "1ED23367-8D35-420C-8F59-184764644FB2", "vulnerable": true}, {"criteria": "cpe:2.3:a:ibm:infosphere_guardium:8.2:*:*:*:*:*:*:*", "matchCriteriaId": "36B8FA25-B5FA-4623-A703-D9F0CCD8BB65", "vulnerable": true}], "negate": false, "operator": "OR"}]}], "descriptions": [{"lang": "en", "value": "IBM InfoSphere Guardium 8.0, 8.01, and 8.2 could allow a remote attacker to bypass security restrictions, caused by improper restrictions on the create new user account functionality. An attacker could exploit this vulnerability to create unprivileged user accounts. IBM X-Force ID: 78286."}, {"lang": "es", "value": "IBM InfoSphere Guardium versiones 8.0, 8.01 y 8.2, podr\u00edan permitir a un atacante remoto omitir las restricciones de seguridad, causada por restricciones inapropiadas en la funcionalidad create new user account. Un atacante podr\u00eda explotar esta vulnerabilidad para crear cuentas de usuario sin privilegios. IBM X-Force ID: 78286"}], "id": "CVE-2012-3338", "lastModified": "2020-09-04T17:54:33.313", "metrics": {"cvssMetricV2": [{"acInsufInfo": false, "baseSeverity": "MEDIUM", "cvssData": {"accessComplexity": "LOW", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "NONE", "baseScore": 5.0, "confidentialityImpact": "NONE", "integrityImpact": "PARTIAL", "vectorString": "AV:N/AC:L/Au:N/C:N/I:P/A:N", "version": "2.0"}, "exploitabilityScore": 10.0, "impactScore": 2.9, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": false}], "cvssMetricV30": [{"cvssData": {"attackComplexity": "HIGH", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 3.7, "baseSeverity": "LOW", "confidentialityImpact": "NONE", "integrityImpact": "LOW", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N", "version": "3.0"}, "exploitabilityScore": 2.2, "impactScore": 1.4, "source": "psirt@us.ibm.com", "type": "Secondary"}], "cvssMetricV31": [{"cvssData": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 5.3, "baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "integrityImpact": "LOW", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N", "version": "3.1"}, "exploitabilityScore": 3.9, "impactScore": 1.4, "source": "nvd@nist.gov", "type": "Primary"}]}, "published": "2020-09-01T17:15:11.467", "references": [{"source": "psirt@us.ibm.com", "tags": ["Broken Link"], "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21611126"}, {"source": "psirt@us.ibm.com", "tags": ["VDB Entry", "Vendor Advisory"], "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/78286"}], "sourceIdentifier": "psirt@us.ibm.com", "vulnStatus": "Analyzed", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-20"}], "source": "nvd@nist.gov", "type": "Primary"}]}

{}