CVE-2012-3311

Name of the Vulnerable Software and Affected Versions IBM WebSphere Application Server (WAS) versions 6.1 before 6.1.0.45 IBM WebSphere Application Server (WAS) versions 7.0 before 7.0.0.25 IBM WebSphere Application Server (WAS) versions 8.0 before 8.0.0.5 IBM WebSphere Application Server (WAS) versions 8.5 before 8.5.0.1

Description The issue allows local users to bypass intended access restrictions and read or modify application data via unspecified vectors, due to the lack of CBIND checks in certain configurations involving Federated Repositories for IIOP connections and Optimized Local Adapters.

Recommendations For versions 6.1 before 6.1.0.45, update to version 6.1.0.45 or later. For versions 7.0 before 7.0.0.25, update to version 7.0.0.25 or later. For versions 8.0 before 8.0.0.5, update to version 8.0.0.5 or later. For versions 8.5 before 8.5.0.1, update to version 8.5.0.1 or later.