CVE-2012-2201
First published: Thu Sep 29 2022(Updated: )
IBM WebSphere MQ 7.1 is vulnerable to a denial of service, caused by an error when handling user ids. A remote attacker could exploit this vulnerability to bypass the security configuration setup on a SVRCONN channel and flood the queue manager.
Credit: psirt@us.ibm.com
| Affected Software | Affected Version | How to fix |
|---|---|---|
| IBM WebSphere MQ | =7.1 |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Reference Links
Frequently Asked Questions
What is CVE-2012-2201?
CVE-2012-2201 is a vulnerability in IBM WebSphere MQ 7.1 that allows a remote attacker to bypass security configuration and flood the queue manager, leading to a denial of service.
How severe is CVE-2012-2201?
CVE-2012-2201 has a severity rating of 7.5 (high).
Who is affected by CVE-2012-2201?
IBM WebSphere MQ 7.1 users are affected by CVE-2012-2201.
How can CVE-2012-2201 be exploited?
CVE-2012-2201 can be exploited by a remote attacker who can manipulate user ids and flood the queue manager.
Is there a fix for CVE-2012-2201?
IBM provides security fixes and updates to address CVE-2012-2201. It is recommended to apply the latest patches and follow the vendor's recommendations.
- collector/nvd-index
- agent/type
- agent/description
- vendor/ibm
- canonical/ibm websphere mq
- version/ibm websphere mq/7.1