Lucene search

[email protected]NVD:CVE-2012-2201

HistorySep 29, 2022 - 3:15 a.m.

CVE-2012-2201

2022-09-2903:15:10

[email protected]

web.nvd.nist.gov

ibm websphere mq

denial of service

svrconn channel

queue manager

vulnerability

CVSS3

7.5

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

HIGH

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

EPSS

0.001

Percentile

46.2%

JSON

IBM WebSphere MQ 7.1 is vulnerable to a denial of service, caused by an error when handling user ids. A remote attacker could exploit this vulnerability to bypass the security configuration setup on a SVRCONN channel and flood the queue manager.

Affected configurations

Nvd

Node

ibmwebsphere_mqMatch7.1

VendorProductVersionCPE
ibmwebsphere_mq7.1cpe:2.3:a:ibm:websphere_mq:7.1:*:*:*:*:*:*:*

Vendor	Product	Version	CPE
ibm	websphere_mq	7.1	cpe:2.3:a:ibm:websphere_mq:7.1:::::::*

References

exchange.xforce.ibmcloud.com/vulnerabilities/76799

CVSS3

7.5

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

HIGH

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

EPSS

0.001

Percentile

46.2%

JSON

Related for NVD:CVE-2012-2201

cnvd1 cvelist1 prion1 cve1