Bypassing Access Restrictions in IBM Rational Automation Framework (RAF) 3.x through 3.0.0.5

Bypassing Access Restrictions in IBM Rational Automation Framework (RAF) 3.x through 3.0.0.5

CVE-2012-4816 · HIGH Severity

AV:N/AC:L/AU:N/C:P/I:P/A:P

IBM Rational Automation Framework (RAF) 3.x through 3.0.0.5 allows remote attackers to bypass intended Env Gen Wizard (aka Environment Generation Wizard) access restrictions by visiting context roots in HTTP sessions on port 8080.

Learn more about our Web Application Penetration Testing UK.