Security Bulletin: Rational Automation Framework Environment Wizard Vulnerability (CVE-2012-4816)
IBM PSIRT 270004PFE3 firstname.lastname@example.org | | Tags:  psirthigh psirtrational
0 Comments | 1,010 Visits
Accessing the IBM Rational Automation Framework web user interface via the standard port 80 forces a login prompt to the user. However, a user can bypass this by hitting the default application server port 8080 and browsing various context roots until they locate the wizard.
Affected product(s) and Version(s):
Rational Automation Framework 3.0 and later on all supported platforms
Refer to the following reference URLs for remediation and additional vulnerability details.
Source Bulletin: http://www-01.ibm.com/support/docview.wss?uid=swg21620359
X-Force Database: http://xforce.iss.net/xforce/xfdb/78379