CVE-2012-4850: IBM WebSphere Application Server 8.5 Liberty Profile before 8.5.0.1, when JAX-RS is used, does not properly validate req
info · vulnerability · security
Summary
IBM WebSphere Application Server 8.5 Liberty Profile before version 8.5.0.1 has a security flaw in its JAX-RS component (the Java API for building RESTful web services): it fails to properly validate incoming requests, allowing attackers to gain unauthorized access. The vulnerability is caused by improper input validation (CWE-20, where the system doesn't properly check data before using it).
Solution / Mitigation
Update IBM WebSphere Application Server 8.5 Liberty Profile to version 8.5.0.1 or later.
Vulnerability Details
CVSS Score
7.5
EPSS (30-day exploit probability)
0.8%
Classification
Attack Sophistication
Moderate
Taxonomy References
CWE (Weakness Type)
Original source: https://nvd.nist.gov/vuln/detail/CVE-2012-4850
First tracked: February 15, 2026 at 08:43 PM
Classified by LLM (prompt v3) · confidence: 95%