CVE-2012-5955

critical

Published 2012-12-20 · Modified 2026-04-29

CVSS v3

—

CVSS v2

10.0

VIR risk

10.0

Description

Unspecified vulnerability in the IBM HTTP Server component 5.3 in IBM WebSphere Application Server (WAS) for z/OS allows remote attackers to execute arbitrary commands via unknown vectors.

Predictions

Exploit likelihood

20%

Patch ETA

—

Heuristic predictions, AS-IS, for prioritization only.

Mitigations

vendor Authored 2026-05-27

Vendor advisory: psirt@us.ibm.com — http://www-01.ibm.com/support/docview.wss?&uid=swg21620945

Application impact

Vendor	Product	Versions	Fixed
ibm	http_server	`5.3`
ibm	websphere_application_server	`-`

References

http://www-01.ibm.com/support/docview.wss?&uid=swg21620945
https://exchange.xforce.ibmcloud.com/vulnerabilities/80684
http://www-01.ibm.com/support/docview.wss?&uid=swg21620945
https://exchange.xforce.ibmcloud.com/vulnerabilities/80684

Verify integrity in audit chain (admin only). AS-IS.