What is the severity of CVE-2012-0193?

CVE-2012-0193 is classified as a medium severity vulnerability that can lead to denial of service conditions.

How do I fix CVE-2012-0193?

To fix CVE-2012-0193, upgrade IBM WebSphere Application Server to a version that is not affected, such as 6.1.0.43, 7.0.0.23, or 8.0.0.3 and above.

What are the affected versions for CVE-2012-0193?

CVE-2012-0193 affects IBM WebSphere Application Server versions from 6.0 through 6.0.2.43, 6.1 before 6.1.0.43, 7.0 before 7.0.0.23, and 8.0 before 8.0.0.3.

Can CVE-2012-0193 be exploited remotely?

Yes, CVE-2012-0193 can be exploited remotely by attackers to cause denial of service.

What type of vulnerability is CVE-2012-0193?

CVE-2012-0193 is a hash collision vulnerability that allows attackers to create conditions leading to service disruption.

Vulnerability/
CVE-2012-0193

medium

CWE

20/1/2012

6/8/2024

CVE-2012-0193: Input Validation

First published: Fri Jan 20 2012(Updated: )

IBM WebSphere Application Server (WAS) 6.0 through 6.0.2.43, 6.1 before 6.1.0.43, 7.0 before 7.0.0.23, and 8.0 before 8.0.0.3 computes hash values for form parameters without restricting the ability to trigger hash collisions predictably, which allows remote attackers to cause a denial of service (CPU consumption) by sending many crafted parameters.

Credit: psirt@us.ibm.com

Affected Software	Affected Version	How to fix
IBM WebSphere Application Server Feature Pack for Web Services	=6.0.0.0
IBM WebSphere Application Server Feature Pack for Web Services	=6.0.0.2
IBM WebSphere Application Server Feature Pack for Web Services	=6.0.0.3
IBM WebSphere Application Server Feature Pack for Web Services	=6.0.1.0
IBM WebSphere Application Server Feature Pack for Web Services	=6.0.1.11
IBM WebSphere Application Server Feature Pack for Web Services	=6.0.1.12
IBM WebSphere Application Server Feature Pack for Web Services	=6.0.2.0
IBM WebSphere Application Server Feature Pack for Web Services	=6.0.2.1
IBM WebSphere Application Server Feature Pack for Web Services	=6.0.2.2
IBM WebSphere Application Server Feature Pack for Web Services	=6.0.2.3
IBM WebSphere Application Server Feature Pack for Web Services	=6.0.2.4
IBM WebSphere Application Server Feature Pack for Web Services	=6.0.2.5
IBM WebSphere Application Server Feature Pack for Web Services	=6.0.2.6
IBM WebSphere Application Server Feature Pack for Web Services	=6.0.2.7
IBM WebSphere Application Server Feature Pack for Web Services	=6.0.2.8
IBM WebSphere Application Server Feature Pack for Web Services	=6.0.2.9
IBM WebSphere Application Server Feature Pack for Web Services	=6.0.2.11
IBM WebSphere Application Server Feature Pack for Web Services	=6.0.2.13
IBM WebSphere Application Server Feature Pack for Web Services	=6.0.2.15
IBM WebSphere Application Server Feature Pack for Web Services	=6.0.2.17
IBM WebSphere Application Server Feature Pack for Web Services	=6.0.2.19
IBM WebSphere Application Server Feature Pack for Web Services	=6.0.2.21
IBM WebSphere Application Server Feature Pack for Web Services	=6.0.2.23
IBM WebSphere Application Server Feature Pack for Web Services	=6.0.2.25
IBM WebSphere Application Server Feature Pack for Web Services	=6.0.2.27
IBM WebSphere Application Server Feature Pack for Web Services	=6.0.2.29
IBM WebSphere Application Server Feature Pack for Web Services	=6.0.2.31
IBM WebSphere Application Server Feature Pack for Web Services	=6.0.2.33
IBM WebSphere Application Server Feature Pack for Web Services	=6.0.2.35
IBM WebSphere Application Server Feature Pack for Web Services	=6.0.2.37
IBM WebSphere Application Server Feature Pack for Web Services	=6.0.2.43
IBM WebSphere Application Server Feature Pack for Web Services	=6.1.0.0
IBM WebSphere Application Server Feature Pack for Web Services	=6.1.0.1
IBM WebSphere Application Server Feature Pack for Web Services	=6.1.0.3
IBM WebSphere Application Server Feature Pack for Web Services	=6.1.0.5
IBM WebSphere Application Server Feature Pack for Web Services	=6.1.0.7
IBM WebSphere Application Server Feature Pack for Web Services	=6.1.0.9
IBM WebSphere Application Server Feature Pack for Web Services	=6.1.0.11
IBM WebSphere Application Server Feature Pack for Web Services	=6.1.0.13
IBM WebSphere Application Server Feature Pack for Web Services	=6.1.0.14
IBM WebSphere Application Server Feature Pack for Web Services	=6.1.0.15
IBM WebSphere Application Server Feature Pack for Web Services	=6.1.0.17
IBM WebSphere Application Server Feature Pack for Web Services	=6.1.0.19
IBM WebSphere Application Server Feature Pack for Web Services	=6.1.0.21
IBM WebSphere Application Server Feature Pack for Web Services	=6.1.0.23
IBM WebSphere Application Server Feature Pack for Web Services	=6.1.0.25
IBM WebSphere Application Server Feature Pack for Web Services	=6.1.0.27
IBM WebSphere Application Server Feature Pack for Web Services	=6.1.0.33
IBM WebSphere Application Server Feature Pack for Web Services	=6.1.0.35
IBM WebSphere Application Server Feature Pack for Web Services	=6.1.0.37
IBM WebSphere Application Server Feature Pack for Web Services	=6.1.0.39
IBM WebSphere Application Server Feature Pack for Web Services	=6.1.0.41
IBM WebSphere Application Server Feature Pack for Web Services	=7.0.0.1
IBM WebSphere Application Server Feature Pack for Web Services	=7.0.0.2
IBM WebSphere Application Server Feature Pack for Web Services	=7.0.0.3
IBM WebSphere Application Server Feature Pack for Web Services	=7.0.0.5
IBM WebSphere Application Server Feature Pack for Web Services	=7.0.0.7
IBM WebSphere Application Server Feature Pack for Web Services	=7.0.0.9
IBM WebSphere Application Server Feature Pack for Web Services	=7.0.0.11
IBM WebSphere Application Server Feature Pack for Web Services	=7.0.0.13
IBM WebSphere Application Server Feature Pack for Web Services	=7.0.0.15
IBM WebSphere Application Server Feature Pack for Web Services	=7.0.0.17
IBM WebSphere Application Server Feature Pack for Web Services	=7.0.0.19
IBM WebSphere Application Server Feature Pack for Web Services	=7.0.0.21
IBM WebSphere Application Server Feature Pack for Web Services	=8.0.0.0
IBM WebSphere Application Server Feature Pack for Web Services	=8.0.0.1
IBM WebSphere Application Server Feature Pack for Web Services	=8.0.0.2

Remedy

http://www-01.ibm.com/support/docview.wss?uid=swg21577532

Remedy

http://www-01.ibm.com/support/docview.wss?uid=swg24031821

Never miss a vulnerability like this again

Reference Links

Frequently Asked Questions

What is the severity of CVE-2012-0193?
CVE-2012-0193 is classified as a medium severity vulnerability that can lead to denial of service conditions.
How do I fix CVE-2012-0193?
To fix CVE-2012-0193, upgrade IBM WebSphere Application Server to a version that is not affected, such as 6.1.0.43, 7.0.0.23, or 8.0.0.3 and above.
What are the affected versions for CVE-2012-0193?
CVE-2012-0193 affects IBM WebSphere Application Server versions from 6.0 through 6.0.2.43, 6.1 before 6.1.0.43, 7.0 before 7.0.0.23, and 8.0 before 8.0.0.3.
Can CVE-2012-0193 be exploited remotely?
Yes, CVE-2012-0193 can be exploited remotely by attackers to cause denial of service.
What type of vulnerability is CVE-2012-0193?
CVE-2012-0193 is a hash collision vulnerability that allows attackers to create conditions leading to service disruption.

agent/references
agent/type
agent/remedy
collector/mitre-cve
source/MITRE
agent/author
agent/last-modified-date
agent/weakness
agent/severity
agent/description
agent/first-publish-date
agent/event
agent/source
agent/softwarecombine
agent/tags
collector/nvd-index
agent/software-canonical-lookup-request
vendor/ibm
canonical/ibm websphere application server feature pack for web services
version/ibm websphere application server feature pack for web services/6.0.0.0
version/ibm websphere application server feature pack for web services/6.0.0.2
version/ibm websphere application server feature pack for web services/6.0.0.3
version/ibm websphere application server feature pack for web services/6.0.1.0
version/ibm websphere application server feature pack for web services/6.0.1.11
version/ibm websphere application server feature pack for web services/6.0.1.12
version/ibm websphere application server feature pack for web services/6.0.2.0
version/ibm websphere application server feature pack for web services/6.0.2.1
version/ibm websphere application server feature pack for web services/6.0.2.2
version/ibm websphere application server feature pack for web services/6.0.2.3
version/ibm websphere application server feature pack for web services/6.0.2.4
version/ibm websphere application server feature pack for web services/6.0.2.5
version/ibm websphere application server feature pack for web services/6.0.2.6
version/ibm websphere application server feature pack for web services/6.0.2.7
version/ibm websphere application server feature pack for web services/6.0.2.8
version/ibm websphere application server feature pack for web services/6.0.2.9
version/ibm websphere application server feature pack for web services/6.0.2.11
version/ibm websphere application server feature pack for web services/6.0.2.13
version/ibm websphere application server feature pack for web services/6.0.2.15
version/ibm websphere application server feature pack for web services/6.0.2.17
version/ibm websphere application server feature pack for web services/6.0.2.19
version/ibm websphere application server feature pack for web services/6.0.2.21
version/ibm websphere application server feature pack for web services/6.0.2.23
version/ibm websphere application server feature pack for web services/6.0.2.25
version/ibm websphere application server feature pack for web services/6.0.2.27
version/ibm websphere application server feature pack for web services/6.0.2.29
version/ibm websphere application server feature pack for web services/6.0.2.31
version/ibm websphere application server feature pack for web services/6.0.2.33
version/ibm websphere application server feature pack for web services/6.0.2.35
version/ibm websphere application server feature pack for web services/6.0.2.37
version/ibm websphere application server feature pack for web services/6.0.2.43
version/ibm websphere application server feature pack for web services/6.1.0.0
version/ibm websphere application server feature pack for web services/6.1.0.1
version/ibm websphere application server feature pack for web services/6.1.0.3
version/ibm websphere application server feature pack for web services/6.1.0.5
version/ibm websphere application server feature pack for web services/6.1.0.7
version/ibm websphere application server feature pack for web services/6.1.0.9
version/ibm websphere application server feature pack for web services/6.1.0.11
version/ibm websphere application server feature pack for web services/6.1.0.13
version/ibm websphere application server feature pack for web services/6.1.0.14
version/ibm websphere application server feature pack for web services/6.1.0.15
version/ibm websphere application server feature pack for web services/6.1.0.17
version/ibm websphere application server feature pack for web services/6.1.0.19
version/ibm websphere application server feature pack for web services/6.1.0.21
version/ibm websphere application server feature pack for web services/6.1.0.23
version/ibm websphere application server feature pack for web services/6.1.0.25
version/ibm websphere application server feature pack for web services/6.1.0.27
version/ibm websphere application server feature pack for web services/6.1.0.33
version/ibm websphere application server feature pack for web services/6.1.0.35
version/ibm websphere application server feature pack for web services/6.1.0.37
version/ibm websphere application server feature pack for web services/6.1.0.39
version/ibm websphere application server feature pack for web services/6.1.0.41
version/ibm websphere application server feature pack for web services/7.0.0.1
version/ibm websphere application server feature pack for web services/7.0.0.2
version/ibm websphere application server feature pack for web services/7.0.0.3
version/ibm websphere application server feature pack for web services/7.0.0.5
version/ibm websphere application server feature pack for web services/7.0.0.7
version/ibm websphere application server feature pack for web services/7.0.0.9
version/ibm websphere application server feature pack for web services/7.0.0.11
version/ibm websphere application server feature pack for web services/7.0.0.13
version/ibm websphere application server feature pack for web services/7.0.0.15
version/ibm websphere application server feature pack for web services/7.0.0.17
version/ibm websphere application server feature pack for web services/7.0.0.19
version/ibm websphere application server feature pack for web services/7.0.0.21
version/ibm websphere application server feature pack for web services/8.0.0.0
version/ibm websphere application server feature pack for web services/8.0.0.1
version/ibm websphere application server feature pack for web services/8.0.0.2

CVE-2012-0193: Input Validation

Remedy

Remedy

Never miss a vulnerability like this again

Reference Links

Frequently Asked Questions

What is the severity of CVE-2012-0193?

How do I fix CVE-2012-0193?

What are the affected versions for CVE-2012-0193?

Can CVE-2012-0193 be exploited remotely?

What type of vulnerability is CVE-2012-0193?

Company

Resources

Contact