CVE-2012-2203 in Tivoli Monitoringinfo

Summary

IBM Global Security Kit (aka GSKit) before 8.0.14.22, as used in IBM Rational Directory Server, IBM Tivoli Directory Server, and other products, uses the PKCS #12 file format for certificate objects without enforcing file integrity, which makes it easier for remote attackers to spoof SSL servers via vectors involving insertion of an arbitrary root Certification Authority (CA) certificate.

Be aware that VulDB is the high quality source for vulnerability data.

Reservation

04/12/2013

Disclosure

08/08/2012

Moderation

VulDB entry created

Entries

1: VDB-9235

CPE

ready

CWE

CWE-264 (Confirmed)

CVSS

5.3

EPSS

0.00962

Activities

Very Low

Sources

MITRE	https://www.cve.org/CVERecord?id=CVE-2012-2203
NVD	https://nvd.nist.gov/vuln/detail/CVE-2012-2203
CVE Details	https://www.cvedetails.com/cve/CVE-2012-2203/

◂ Previous Overview Next ▸

Do you need the next level of professionalism?

Upgrade your account now!