CVE-2012-4822

Multiple unspecified vulnerabilities in the JRE component in IBM Java 7 SR2 and earlier, Java 6.0.1 SR3 and earlier, Java 6 SR11 and earlier, Java 5 SR14 and earlier, and Java 142 SR13 FP13 and earlier; as used in IBM Rational Host On-Demand, Rational Change, Tivoli Monitoring, Smart Analytics System 5600, Tivoli Remote Control 5.1.2, WebSphere Real Time, Lotus Notes & Domino, Tivoli Storage Productivity Center, and Service Deliver Manager; and other products from other vendors such as Red Hat, allow remote attackers to execute arbitrary code via vectors related to "insecure use [of] multiple methods in the java.lang.class class."

Published: 2013-01-11 Last update: 2026-04-29 Assigner: [email protected] Source: [email protected]
NVD Status:ModifiedCVE State: published
View at NVD, CVE.org, EUVD

CVE-2012-4822 is rated High Risk (70.7/100): CVSS Critical severity, with high exploitation likelihood (EPSS 12.00%, 94th percentile). EPSS ranks this CVE among the most likely to be exploited in the near term. High exploitation likelihood—assess exposure and prioritize remediation.

Risk is dynamic; we continuously reassess and refresh what is shown on this page as upstream context changes.

Exploit prediction scoring system (EPSS) score for CVE-2012-4822

EPSS lead: Daily EPSS estimates relative likelihood of exploitation; percentile ranks this CVE among scored vulnerabilities (higher = more severe relative rank).

# Date Old EPSS score New EPSS score Delta (New - Old)
1 2026-04-29 11.28% 12.00% +0.72%
2 2025-12-28 10.24% 11.28% +1.05%
3 2025-04-15 10.24%

Full EPSS history (14 records total)

Common vulnerability scoring system (CVSS) metrics for CVE-2012-4822

CVSS metrics for this CVE.

Base score Version Severity Vector Exploitability Impact Score source
9.3 2.0 HIGH
AV:N/AC:M/Au:N/C:C/I:C/A:C Click to expand
Access vector (AV:N)
Can be exploited remotely over network reachability.
Access complexity (AC:M)
Exploitation needs some favorable conditions, but not exceptional ones.
Authentication (AU:N)
No authentication is required.
Confidentiality impact (C:C)
Complete confidentiality impact.
Integrity impact (I:C)
Complete integrity impact.
Availability impact (A:C)
Complete availability impact.
 8.6 10.0 [email protected]

Weakness enumeration for CVE-2012-4822

OS Trackers for CVE-2012-4822

vendor priority summary link
redhat high https://access.redhat.com/security/cve/CVE-2012-4822

Affected software / configurations for CVE-2012-4822

Vendor Product Version Raw CPE
ibm java >= 1.4.2, <= 1.4.2.13.13 cpe:2.3:a:ibm:java:*:*:*:*:*:*:*:*
ibm java >= 5.0.0.0, <= 5.0.14.0 cpe:2.3:a:ibm:java:*:*:*:*:*:*:*:*
ibm java >= 6.0.0.0, <= 6.0.11.0 cpe:2.3:a:ibm:java:*:*:*:*:*:*:*:*
ibm java >= 7.0.0.0, <= 7.0.2.0 cpe:2.3:a:ibm:java:*:*:*:*:*:*:*:*
ibm lotus_domino 8.0 cpe:2.3:a:ibm:lotus_domino:8.0:*:*:*:*:*:*:*
ibm lotus_domino 8.0.1 cpe:2.3:a:ibm:lotus_domino:8.0.1:*:*:*:*:*:*:*
ibm lotus_domino 8.0.2 cpe:2.3:a:ibm:lotus_domino:8.0.2:*:*:*:*:*:*:*
ibm lotus_domino 8.0.2.1 cpe:2.3:a:ibm:lotus_domino:8.0.2.1:*:*:*:*:*:*:*
ibm lotus_domino 8.0.2.2 cpe:2.3:a:ibm:lotus_domino:8.0.2.2:*:*:*:*:*:*:*
ibm lotus_domino 8.0.2.3 cpe:2.3:a:ibm:lotus_domino:8.0.2.3:*:*:*:*:*:*:*
ibm lotus_domino 8.0.2.4 cpe:2.3:a:ibm:lotus_domino:8.0.2.4:*:*:*:*:*:*:*
ibm lotus_domino 8.5.0 cpe:2.3:a:ibm:lotus_domino:8.5.0:*:*:*:*:*:*:*
ibm lotus_domino 8.5.0.1 cpe:2.3:a:ibm:lotus_domino:8.5.0.1:*:*:*:*:*:*:*
ibm lotus_domino 8.5.1 cpe:2.3:a:ibm:lotus_domino:8.5.1:*:*:*:*:*:*:*
ibm lotus_domino 8.5.1.1 cpe:2.3:a:ibm:lotus_domino:8.5.1.1:*:*:*:*:*:*:*
ibm lotus_domino 8.5.1.2 cpe:2.3:a:ibm:lotus_domino:8.5.1.2:*:*:*:*:*:*:*
ibm lotus_domino 8.5.1.3 cpe:2.3:a:ibm:lotus_domino:8.5.1.3:*:*:*:*:*:*:*
ibm lotus_domino 8.5.1.4 cpe:2.3:a:ibm:lotus_domino:8.5.1.4:*:*:*:*:*:*:*
ibm lotus_domino 8.5.1.5 cpe:2.3:a:ibm:lotus_domino:8.5.1.5:*:*:*:*:*:*:*
ibm lotus_domino 8.5.2.0 cpe:2.3:a:ibm:lotus_domino:8.5.2.0:*:*:*:*:*:*:*
ibm lotus_domino 8.5.2.1 cpe:2.3:a:ibm:lotus_domino:8.5.2.1:*:*:*:*:*:*:*
ibm lotus_domino 8.5.2.2 cpe:2.3:a:ibm:lotus_domino:8.5.2.2:*:*:*:*:*:*:*
ibm lotus_domino 8.5.2.3 cpe:2.3:a:ibm:lotus_domino:8.5.2.3:*:*:*:*:*:*:*
ibm lotus_domino 8.5.2.4 cpe:2.3:a:ibm:lotus_domino:8.5.2.4:*:*:*:*:*:*:*
ibm lotus_domino 8.5.3.0 cpe:2.3:a:ibm:lotus_domino:8.5.3.0:*:*:*:*:*:*:*
ibm lotus_domino 8.5.3.1 cpe:2.3:a:ibm:lotus_domino:8.5.3.1:*:*:*:*:*:*:*
ibm lotus_domino 8.5.3.2 cpe:2.3:a:ibm:lotus_domino:8.5.3.2:*:*:*:*:*:*:*
ibm lotus_notes 8.0 cpe:2.3:a:ibm:lotus_notes:8.0:*:*:*:*:*:*:*
ibm lotus_notes 8.0.0 cpe:2.3:a:ibm:lotus_notes:8.0.0:*:*:*:*:*:*:*
ibm lotus_notes 8.0.1 cpe:2.3:a:ibm:lotus_notes:8.0.1:*:*:*:*:*:*:*
ibm lotus_notes 8.0.2 cpe:2.3:a:ibm:lotus_notes:8.0.2:*:*:*:*:*:*:*
ibm lotus_notes 8.0.2.0 cpe:2.3:a:ibm:lotus_notes:8.0.2.0:*:*:*:*:*:*:*
ibm lotus_notes 8.0.2.1 cpe:2.3:a:ibm:lotus_notes:8.0.2.1:*:*:*:*:*:*:*
ibm lotus_notes 8.0.2.2 cpe:2.3:a:ibm:lotus_notes:8.0.2.2:*:*:*:*:*:*:*
ibm lotus_notes 8.0.2.3 cpe:2.3:a:ibm:lotus_notes:8.0.2.3:*:*:*:*:*:*:*
ibm lotus_notes 8.0.2.4 cpe:2.3:a:ibm:lotus_notes:8.0.2.4:*:*:*:*:*:*:*
ibm lotus_notes 8.0.2.5 cpe:2.3:a:ibm:lotus_notes:8.0.2.5:*:*:*:*:*:*:*
ibm lotus_notes 8.0.2.6 cpe:2.3:a:ibm:lotus_notes:8.0.2.6:*:*:*:*:*:*:*
ibm lotus_notes 8.5 cpe:2.3:a:ibm:lotus_notes:8.5:*:*:*:*:*:*:*
ibm lotus_notes 8.5.0.0 cpe:2.3:a:ibm:lotus_notes:8.5.0.0:*:*:*:*:*:*:*
ibm lotus_notes 8.5.0.1 cpe:2.3:a:ibm:lotus_notes:8.5.0.1:*:*:*:*:*:*:*
ibm lotus_notes 8.5.1 cpe:2.3:a:ibm:lotus_notes:8.5.1:*:*:*:*:*:*:*
ibm lotus_notes 8.5.1.0 cpe:2.3:a:ibm:lotus_notes:8.5.1.0:*:*:*:*:*:*:*
ibm lotus_notes 8.5.1.1 cpe:2.3:a:ibm:lotus_notes:8.5.1.1:*:*:*:*:*:*:*
ibm lotus_notes 8.5.1.2 cpe:2.3:a:ibm:lotus_notes:8.5.1.2:*:*:*:*:*:*:*
ibm lotus_notes 8.5.1.3 cpe:2.3:a:ibm:lotus_notes:8.5.1.3:*:*:*:*:*:*:*
ibm lotus_notes 8.5.1.4 cpe:2.3:a:ibm:lotus_notes:8.5.1.4:*:*:*:*:*:*:*
ibm lotus_notes 8.5.1.5 cpe:2.3:a:ibm:lotus_notes:8.5.1.5:*:*:*:*:*:*:*
ibm lotus_notes 8.5.2.0 cpe:2.3:a:ibm:lotus_notes:8.5.2.0:*:*:*:*:*:*:*
ibm lotus_notes 8.5.2.1 cpe:2.3:a:ibm:lotus_notes:8.5.2.1:*:*:*:*:*:*:*
ibm lotus_notes 8.5.2.2 cpe:2.3:a:ibm:lotus_notes:8.5.2.2:*:*:*:*:*:*:*
ibm lotus_notes 8.5.2.3 cpe:2.3:a:ibm:lotus_notes:8.5.2.3:*:*:*:*:*:*:*
ibm lotus_notes 8.5.3 cpe:2.3:a:ibm:lotus_notes:8.5.3:*:*:*:*:*:*:*
ibm lotus_notes 8.5.3.1 cpe:2.3:a:ibm:lotus_notes:8.5.3.1:*:*:*:*:*:*:*
ibm lotus_notes 8.5.3.2 cpe:2.3:a:ibm:lotus_notes:8.5.3.2:*:*:*:*:*:*:*
ibm lotus_notes 8.5.4 cpe:2.3:a:ibm:lotus_notes:8.5.4:*:*:*:*:*:*:*
ibm lotus_notes_sametime 8.0.80407 cpe:2.3:a:ibm:lotus_notes_sametime:8.0.80407:*:*:*:*:*:*:*
ibm lotus_notes_sametime 8.0.80822 cpe:2.3:a:ibm:lotus_notes_sametime:8.0.80822:*:*:*:*:*:*:*
ibm lotus_notes_sametime 8.5.1.20100709-1631 cpe:2.3:a:ibm:lotus_notes_sametime:8.5.1.20100709-1631:*:*:*:advanced_embedded:*:*:*
ibm lotus_notes_traveler 8.0 cpe:2.3:a:ibm:lotus_notes_traveler:8.0:*:*:*:*:*:*:*
ibm lotus_notes_traveler 8.0.1 cpe:2.3:a:ibm:lotus_notes_traveler:8.0.1:*:*:*:*:*:*:*
ibm lotus_notes_traveler 8.0.1.2 cpe:2.3:a:ibm:lotus_notes_traveler:8.0.1.2:*:*:*:*:*:*:*
ibm lotus_notes_traveler 8.0.1.3 cpe:2.3:a:ibm:lotus_notes_traveler:8.0.1.3:*:*:*:*:*:*:*
ibm lotus_notes_traveler 8.5.0.0 cpe:2.3:a:ibm:lotus_notes_traveler:8.5.0.0:*:*:*:*:*:*:*
ibm lotus_notes_traveler 8.5.0.1 cpe:2.3:a:ibm:lotus_notes_traveler:8.5.0.1:*:*:*:*:*:*:*
ibm lotus_notes_traveler 8.5.0.2 cpe:2.3:a:ibm:lotus_notes_traveler:8.5.0.2:*:*:*:*:*:*:*
ibm lotus_notes_traveler 8.5.1.1 cpe:2.3:a:ibm:lotus_notes_traveler:8.5.1.1:*:*:*:*:*:*:*
ibm lotus_notes_traveler 8.5.1.2 cpe:2.3:a:ibm:lotus_notes_traveler:8.5.1.2:*:*:*:*:*:*:*
ibm lotus_notes_traveler 8.5.1.3 cpe:2.3:a:ibm:lotus_notes_traveler:8.5.1.3:*:*:*:*:*:*:*
ibm lotus_notes_traveler 8.5.2.1 cpe:2.3:a:ibm:lotus_notes_traveler:8.5.2.1:*:*:*:*:*:*:*
ibm lotus_notes_traveler 8.5.3 cpe:2.3:a:ibm:lotus_notes_traveler:8.5.3:*:*:*:*:*:*:*
ibm lotus_notes_traveler 8.5.3.1 cpe:2.3:a:ibm:lotus_notes_traveler:8.5.3.1:*:*:*:*:*:*:*
ibm lotus_notes_traveler 8.5.3.2 cpe:2.3:a:ibm:lotus_notes_traveler:8.5.3.2:*:*:*:*:*:*:*
ibm lotus_notes_traveler 8.5.3.3 cpe:2.3:a:ibm:lotus_notes_traveler:8.5.3.3:*:*:*:*:*:*:*
ibm lotus_notes_traveler 8.5.3.3 cpe:2.3:a:ibm:lotus_notes_traveler:8.5.3.3:interim_fix_1:*:*:*:*:*:*
ibm rational_change 4.7 cpe:2.3:a:ibm:rational_change:4.7:*:*:*:*:*:*:*
ibm rational_change 5.1 cpe:2.3:a:ibm:rational_change:5.1:*:*:*:*:*:*:*
ibm rational_change 5.2 cpe:2.3:a:ibm:rational_change:5.2:*:*:*:*:*:*:*
ibm rational_change 5.3 cpe:2.3:a:ibm:rational_change:5.3:*:*:*:*:*:*:*
ibm rational_host_on-demand 1.6.0.12 cpe:2.3:a:ibm:rational_host_on-demand:1.6.0.12:*:*:*:*:*:*:*

References for CVE-2012-4822

URL Tags
http://rhn.redhat.com/errata/RHSA-2012-1465.html Third Party Advisory
http://rhn.redhat.com/errata/RHSA-2012-1466.html Third Party Advisory
http://rhn.redhat.com/errata/RHSA-2012-1467.html Third Party Advisory
http://rhn.redhat.com/errata/RHSA-2013-1455.html Third Party Advisory
http://rhn.redhat.com/errata/RHSA-2013-1456.html Third Party Advisory
http://seclists.org/bugtraq/2012/Sep/38 Mailing List Third Party Advisory
http://secunia.com/advisories/51326 Third Party Advisory
http://secunia.com/advisories/51327 Third Party Advisory
http://secunia.com/advisories/51328 Third Party Advisory
http://secunia.com/advisories/51393 Third Party Advisory
http://secunia.com/advisories/51634 Third Party Advisory
http://www-01.ibm.com/support/docview.wss?uid=swg1IV29665 Vendor Advisory
http://www-01.ibm.com/support/docview.wss?uid=swg21615705 Vendor Advisory
http://www-01.ibm.com/support/docview.wss?uid=swg21615800 Vendor Advisory
http://www-01.ibm.com/support/docview.wss?uid=swg21616490 Vendor Advisory
http://www-01.ibm.com/support/docview.wss?uid=swg21616594 Vendor Advisory
http://www-01.ibm.com/support/docview.wss?uid=swg21616616 Vendor Advisory
http://www-01.ibm.com/support/docview.wss?uid=swg21616617 Vendor Advisory
http://www-01.ibm.com/support/docview.wss?uid=swg21616652 Vendor Advisory
http://www-01.ibm.com/support/docview.wss?uid=swg21616708 Vendor Advisory
http://www-01.ibm.com/support/docview.wss?uid=swg21621154 Vendor Advisory
http://www-01.ibm.com/support/docview.wss?uid=swg21631786 Vendor Advisory
http://www.securityfocus.com/bid/55495 Third Party Advisory VDB Entry
https://exchange.xforce.ibmcloud.com/vulnerabilities/78766 VDB Entry
https://www-304.ibm.com/support/docview.wss?uid=swg21616546 Vendor Advisory
cvelogic Threat Intelligence