CVE-2012-2201

3 documents3 sources

Severity

7.5HIGH

EPSS

0.4%

top 41.39%

CISA KEV

Not in KEV

Exploit

No known exploits

Affected products

IBM Websphere MQ

Timeline

PublishedSep 29

Latest updateSep 30

Description

IBM WebSphere MQ 7.1 is vulnerable to a denial of service, caused by an error when handling user ids. A remote attacker could exploit this vulnerability to bypass the security configuration setup on a SVRCONN channel and flood the queue manager.

CVSS vector

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:HExploitability: 3.9 | Impact: 3.6

Affected Packages1 packages

▶NVDibm/websphere_mq7.1

🔴Vulnerability Details

GHSA

GHSA-p2h9-m2hm-4gjp: IBM WebSphere MQ 7↗2022-09-30

▶

CVEList

CVE-2012-2201: IBM WebSphere MQ 7↗2020-08-27

▶