CVE-2012-5937
Summary
| CVE | CVE-2012-5937 |
|---|---|
| State | PUBLIC |
| Assigner | [email protected] |
| Source Priority | CVE Program / NVD first with legacy fallback |
| Published | 2013-04-12 19:55:00 UTC |
| Updated | 2017-08-29 01:32:00 UTC |
| Description | Unspecified vulnerability in the CLA2 server in IBM Gentran Integration Suite 4.3, Sterling Integrator 5.0 and 5.1, and Sterling B2B Integrator 5.2, as used in IBM Sterling File Gateway 1.1 through 2.2 and other products, allows remote attackers to execute arbitrary commands via unknown vectors. |
Risk And Classification
Problem Types: NVD-CWE-noinfo
NVD Known Affected Configurations (CPE 2.3)
| Type | Vendor | Product | Version | Update | Edition | Language |
|---|---|---|---|---|---|---|
| Application | Ibm | Gentran Integration Suite | 4.3 | All | All | All |
| Application | Ibm | Gentran Integration Suite | 4.3 | All | All | All |
| Application | Ibm | Sterling B2b Integrator | 5.2 | All | All | All |
| Application | Ibm | Sterling B2b Integrator | 5.2 | All | All | All |
| Application | Ibm | Sterling File Gateway | 1.1 | All | All | All |
| Application | Ibm | Sterling File Gateway | 2.0 | All | All | All |
| Application | Ibm | Sterling File Gateway | 2.1 | All | All | All |
| Application | Ibm | Sterling File Gateway | 2.2 | All | All | All |
| Application | Ibm | Sterling File Gateway | 1.1 | All | All | All |
| Application | Ibm | Sterling File Gateway | 2.0 | All | All | All |
| Application | Ibm | Sterling File Gateway | 2.1 | All | All | All |
| Application | Ibm | Sterling File Gateway | 2.2 | All | All | All |
| Application | Ibm | Sterling Integrator | 5.0 | All | All | All |
| Application | Ibm | Sterling Integrator | 5.1 | All | All | All |
| Application | Ibm | Sterling Integrator | 5.0 | All | All | All |
| Application | Ibm | Sterling Integrator | 5.1 | All | All | All |
References
| Reference | Source | Link | Tags |
|---|---|---|---|
| IC85189: Security APAR CVE-2012-5937. Sterling B2B Integrator CLA2 allows user to execute arbitrary OS commands. | AIXAPAR | www-01.ibm.com | Vendor Advisory |
| Security Bulletin: Vulnerability in IBM® Sterling B2B Integrator can lead to ability to execute OS commands from CLA2 server without authentication (CVE-2012-5937). | CONFIRM | www.ibm.com | Vendor Advisory |
| IBM X-Force Exchange | XF | exchange.xforce.ibmcloud.com | |
| CVE Program record | CVE.ORG | www.cve.org | canonical |
| NVD vulnerability detail | NVD | nvd.nist.gov | canonical, analysis |
No vendor comments have been submitted for this CVE.
There are currently no legacy QID mappings associated with this CVE.