CVE-2012-0701

medium

Published 2013-01-31 · Modified 2026-04-29

CVSS v3

—

CVSS v2

6.5

VIR risk

6.5

Description

The client applications in the DataStage Administrator client in InfoSphere DataStage in IBM InfoSphere Information Server 8.1, 8.5 before FP3, and 8.7 rely on client-side access control, which allows remote authenticated users to gain privileges via unspecified vectors.

Predictions

Exploit likelihood

20%

Patch ETA

—

Heuristic predictions, AS-IS, for prioritization only.

Mitigations

vendor Authored 2026-05-27

Vendor advisory: psirt@us.ibm.com — http://www-01.ibm.com/support/docview.wss?uid=swg21623501

Application impact

Vendor	Product	Versions
ibm	infosphere_datastage	`-`
ibm	infosphere_information_server	`8.1`
ibm	infosphere_information_server	`8.5`
ibm	infosphere_information_server	`8.5.0.1`
ibm	infosphere_information_server	`8.5.0.2`
ibm	infosphere_information_server	`8.7`

References

http://www-01.ibm.com/support/docview.wss?uid=swg21623501
https://exchange.xforce.ibmcloud.com/vulnerabilities/73285
http://www-01.ibm.com/support/docview.wss?uid=swg21623501
https://exchange.xforce.ibmcloud.com/vulnerabilities/73285

CWEs

CWE-264

Verify integrity in audit chain (admin only). AS-IS.