Unrated severityNVD Advisory· Published Nov 30, 2012· Updated Jun 16, 2026
CVE-2012-4834
CVE-2012-4834
Description
Directory traversal vulnerability in LayerLoader.jsp in the theme component in IBM WebSphere Portal 7.0.0.1 and 7.0.0.2 before CF19 and 8.0 before CF03 allows remote attackers to read arbitrary files via a crafted URI.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
40cpe:2.3:a:ibm:websphere_portal:7.0.0.1:*:*:*:*:*:*:*+ 39 more
- cpe:2.3:a:ibm:websphere_portal:7.0.0.1:*:*:*:*:*:*:*
- cpe:2.3:a:ibm:websphere_portal:7.0.0.1:cf002:*:*:*:*:*:*
- cpe:2.3:a:ibm:websphere_portal:7.0.0.1:cf003:*:*:*:*:*:*
- cpe:2.3:a:ibm:websphere_portal:7.0.0.1:cf004:*:*:*:*:*:*
- cpe:2.3:a:ibm:websphere_portal:7.0.0.1:cf005:*:*:*:*:*:*
- cpe:2.3:a:ibm:websphere_portal:7.0.0.1:cf006:*:*:*:*:*:*
- cpe:2.3:a:ibm:websphere_portal:7.0.0.1:cf007:*:*:*:*:*:*
- cpe:2.3:a:ibm:websphere_portal:7.0.0.1:cf008:*:*:*:*:*:*
- cpe:2.3:a:ibm:websphere_portal:7.0.0.1:cf009:*:*:*:*:*:*
- cpe:2.3:a:ibm:websphere_portal:7.0.0.1:cf010:*:*:*:*:*:*
- cpe:2.3:a:ibm:websphere_portal:7.0.0.1:cf011:*:*:*:*:*:*
- cpe:2.3:a:ibm:websphere_portal:7.0.0.1:cf012:*:*:*:*:*:*
- cpe:2.3:a:ibm:websphere_portal:7.0.0.1:cf013:*:*:*:*:*:*
- cpe:2.3:a:ibm:websphere_portal:7.0.0.1:cf014:*:*:*:*:*:*
- cpe:2.3:a:ibm:websphere_portal:7.0.0.1:cf015:*:*:*:*:*:*
- cpe:2.3:a:ibm:websphere_portal:7.0.0.1:cf016:*:*:*:*:*:*
- cpe:2.3:a:ibm:websphere_portal:7.0.0.1:cf017:*:*:*:*:*:*
- cpe:2.3:a:ibm:websphere_portal:7.0.0.1:cf018:*:*:*:*:*:*
- cpe:2.3:a:ibm:websphere_portal:7.0.0.2:*:*:*:*:*:*:*
- cpe:2.3:a:ibm:websphere_portal:7.0.0.2:cf002:*:*:*:*:*:*
- cpe:2.3:a:ibm:websphere_portal:7.0.0.2:cf003:*:*:*:*:*:*
- cpe:2.3:a:ibm:websphere_portal:7.0.0.2:cf004:*:*:*:*:*:*
- cpe:2.3:a:ibm:websphere_portal:7.0.0.2:cf005:*:*:*:*:*:*
- cpe:2.3:a:ibm:websphere_portal:7.0.0.2:cf006:*:*:*:*:*:*
- cpe:2.3:a:ibm:websphere_portal:7.0.0.2:cf007:*:*:*:*:*:*
- cpe:2.3:a:ibm:websphere_portal:7.0.0.2:cf008:*:*:*:*:*:*
- cpe:2.3:a:ibm:websphere_portal:7.0.0.2:cf009:*:*:*:*:*:*
- cpe:2.3:a:ibm:websphere_portal:7.0.0.2:cf010:*:*:*:*:*:*
- cpe:2.3:a:ibm:websphere_portal:7.0.0.2:cf011:*:*:*:*:*:*
- cpe:2.3:a:ibm:websphere_portal:7.0.0.2:cf012:*:*:*:*:*:*
- cpe:2.3:a:ibm:websphere_portal:7.0.0.2:cf013:*:*:*:*:*:*
- cpe:2.3:a:ibm:websphere_portal:7.0.0.2:cf014:*:*:*:*:*:*
- cpe:2.3:a:ibm:websphere_portal:7.0.0.2:cf015:*:*:*:*:*:*
- cpe:2.3:a:ibm:websphere_portal:7.0.0.2:cf016:*:*:*:*:*:*
- cpe:2.3:a:ibm:websphere_portal:7.0.0.2:cf017:*:*:*:*:*:*
- cpe:2.3:a:ibm:websphere_portal:7.0.0.2:cf018:*:*:*:*:*:*
- cpe:2.3:a:ibm:websphere_portal:8.0.0.0:*:*:*:*:*:*:*
- cpe:2.3:a:ibm:websphere_portal:8.0.0.0:cf01:*:*:*:*:*:*
- cpe:2.3:a:ibm:websphere_portal:8.0.0.0:cf02:*:*:*:*:*:*
- (no CPE)range: 7.0.0.1, 7.0.0.2 before CF19, 8.0 before CF03
Patches
Vulnerability mechanics
References
6- www.ibm.com/connections/blogs/PSIRT/entry/security_vulnerability_in_theme_component_for_websphere_portal_versions_7_0_0_x_and_8_0_cve2012_48344nvdPatchVendor Advisory
- www.ibm.com/support/docview.wssnvdPatchVendor Advisory
- www.ibm.com/support/docview.wssnvdPatchThird Party Advisory
- secunia.com/advisories/51281nvdThird Party Advisory
- www-01.ibm.com/support/docview.wssnvdVendor Advisory
- exchange.xforce.ibmcloud.com/vulnerabilities/78914nvdThird Party AdvisoryVDB Entry
News mentions
0No linked articles in our index yet.