Denial of Service Vulnerability in IBM WebSphere MQ
CVE-2012-2201

7.5HIGH

Key Information:

Vendor: IBM
Status: Websphere MQ
Vendor: CVE Published:; 29 September 2022

Summary

IBM WebSphere MQ 7.1 has a vulnerability that allows a remote attacker to exploit improper handling of user IDs. By exploiting this flaw, the attacker can bypass the security mechanisms configured on a SVRCONN channel, leading to a potential flooding of the queue manager and causing denial of service. This vulnerability highlights the importance of securing message queue environments against unauthorized access and misuse.

References

https://exchange.xforce.ibmcloud.com/vulnerabilities/76799

vdb-entryx_refsource_XF

CVSS V3.1

Score:

7.5

Severity:

HIGH

Confidentiality:

None

Integrity:

None

Availability:

None

Attack Vector:

Network

Attack Complexity:

Low

Privileges Required:

None

User Interaction:

None

Scope:

Unchanged

Timeline

Vulnerability published
Sep 29, 2022
Vulnerability Reserved
Apr 4, 2012