CVE-2012-5953

EUVD-2012-5827
IBM WebSphere Message Broker 6.1 before 6.1.0.12, 7.0 before 7.0.0.6, and 8.0 before 8.0.0.2, when the Parse Query Strings option is enabled on an HTTPInput node, allows remote attackers to cause a denial of service (infinite loop) via a crafted query string.
ProviderTypeBase ScoreAtk. VectorAtk. ComplexityPriv. RequiredVector
NISTPrimary
4.3 UNKNOWN
NETWORK
MEDIUM
AV:N/AC:M/Au:N/C:N/I:N/A:P
Base Score
CVSS 3.x
EPSS Score
Percentile: 67%
Affected Products (NVD)
VendorProductVersion
ibmwebsphere_message_broker
6.1
ibmwebsphere_message_broker
6.1.0.1
ibmwebsphere_message_broker
6.1.0.2
ibmwebsphere_message_broker
6.1.0.3
ibmwebsphere_message_broker
6.1.0.4
ibmwebsphere_message_broker
6.1.0.5
ibmwebsphere_message_broker
6.1.0.6
ibmwebsphere_message_broker
6.1.0.7
ibmwebsphere_message_broker
6.1.0.8
ibmwebsphere_message_broker
6.1.0.9
ibmwebsphere_message_broker
6.1.0.10
ibmwebsphere_message_broker
6.1.0.11
ibmwebsphere_message_broker
7.0.
ibmwebsphere_message_broker
7.0.0.1
ibmwebsphere_message_broker
7.0.0.2
ibmwebsphere_message_broker
7.0.0.3
ibmwebsphere_message_broker
7.0.0.4
ibmwebsphere_message_broker
7.0.0.5
ibmwebsphere_message_broker
8.0
ibmwebsphere_message_broker
8.0.0.1
𝑥
= Vulnerable software versions
Common Weakness Enumeration
References
http://www-01.ibm.com/support/docview.wss?uid=swg1PM75015
http://www-01.ibm.com/support/docview.wss?uid=swg21623316
https://exchange.xforce.ibmcloud.com/vulnerabilities/80667
http://www-01.ibm.com/support/docview.wss?uid=swg1PM75015
http://www-01.ibm.com/support/docview.wss?uid=swg21623316
https://exchange.xforce.ibmcloud.com/vulnerabilities/80667