cbcvebase.
CVE-2012-2206
published 2012-08-17

CVE-2012-2206: The Web Gateway component in IBM WebSphere MQ File Transfer Edition 7.0.4 and earlier allows remote authenticated users to read files of arbitrary users via…

PriorityP422low3.5CVSS 2.0
AVNACMAuSCPINAN
EXPLOIT
EPSS
2.01%
78.4th percentile
The Web Gateway component in IBM WebSphere MQ File Transfer Edition 7.0.4 and earlier allows remote authenticated users to read files of arbitrary users via vectors involving a username in a URI, as demonstrated by a modified metadata=fteSamplesUser field to the /transfer URI.

Affected

7 ranges
VendorProductVersion rangeFixed in
ibmwebsphere_mq
ibmwebsphere_mq
ibmwebsphere_mq
ibmwebsphere_mq
ibmwebsphere_mq
ibmwebsphere_mq
ibmwebsphere_mq
CVEs like this are exactly what “Exploited This Week” covers.

Every Monday: what got weaponized or added to CISA KEV in the last seven days — each CVE cross-linked to its PoC, Nuclei template, and detection rule. Free, one email a week, unsubscribe in one click.