VIR Vulnerability Intelligence Relay

CVE-2012-4832

low
Published 2013-01-31 · Modified 2026-04-29
CVSS v3
CVSS v2
1.9
VIR risk
1.9

Description

Information Services Framework (ISF) in IBM InfoSphere Information Server 8.1, 8.5 before FP3, and 8.7 and InfoSphere Business Glossary 8.1.1 and 8.1.2 does not have an off autocomplete attribute for the password field on the login page, which makes it easier for remote attackers to obtain access by leveraging an unattended workstation.

Predictions

Exploit likelihood
20%
Patch ETA

Heuristic predictions, AS-IS, for prioritization only.

Mitigations

vendor Authored 2026-05-27

Vendor advisory: psirt@us.ibm.com — http://www-01.ibm.com/support/docview.wss?uid=swg21623501

Application impact
VendorProductVersionsFixed
ibm ibminfosphere_business_glossary8.1.1
ibm ibminfosphere_business_glossary8.1.2
ibm ibminfosphere_information_server8.1
ibm ibminfosphere_information_server8.5
ibm ibminfosphere_information_server8.5.0.1
ibm ibminfosphere_information_server8.5.0.2
ibm ibminfosphere_information_server8.7

References

CWEs

CWE-200

Verify integrity in audit chain (admin only). AS-IS.