Websphere Message Broker Security Vulnerabilities and Issues — Websphere Message Broker CVE List

Lucene search

IbmWebsphere Message Broker

3 matches found

CVE•added 2013/02/20 12:9 p.m.•46 views

CVE-2012-5953

IBM WebSphere Message Broker 6.1 before 6.1.0.12, 7.0 before 7.0.0.6, and 8.0 before 8.0.0.2, when the Parse Query Strings option is enabled on an HTTPInput node, allows remote attackers to cause a denial of service (infinite loop) via a crafted query string.

4.3CVSS6.6AI score0.00556EPSS

CVE•added 2013/02/20 12:9 p.m.•38 views

CVE-2012-5952

IBM WebSphere Message Broker 6.1 before 6.1.0.12, 7.0 before 7.0.0.6, and 8.0 before 8.0.0.2 does not validate Basic Authentication credentials before proceeding to WS-Addressing and WS-Security operations, which allows remote attackers to trigger transmission of unauthenticated messages via unspec...

5CVSS6.9AI score0.00216EPSS

CVE•added 2013/02/20 12:9 p.m.•28 views

CVE-2013-0466

Cross-site scripting (XSS) vulnerability in IBM WebSphere Message Broker 7.0 before 7.0.0.6 and 8.0 before 8.0.0.2, when wsdl support is enabled on a SOAPInput node, allows remote attackers to inject arbitrary web script or HTML via a wsdl request that is not properly handled during construction of...

2.6CVSS5.7AI score0.00266EPSS