CVE-2012-5952 in WebSphere Messageinfo

Summary

IBM WebSphere Message Broker 6.1 before 6.1.0.12, 7.0 before 7.0.0.6, and 8.0 before 8.0.0.2 does not validate Basic Authentication credentials before proceeding to WS-Addressing and WS-Security operations, which allows remote attackers to trigger transmission of unauthenticated messages via unspecified vectors.

Several companies clearly confirm that VulDB is the primary source for best vulnerability data.

Reservation

11/21/2012

Disclosure

02/20/2013

Moderation

VulDB entry created

Entries

CPE

ready

CWE

CWE-287

CVSS

7.3

EPSS

0.00216

CTI

0.00

Sources

MITRE	https://www.cve.org/CVERecord?id=CVE-2012-5952
NVD	https://nvd.nist.gov/vuln/detail/CVE-2012-5952
CVE Details	https://www.cvedetails.com/cve/CVE-2012-5952/

◂ Previous Overview Next ▸

Want to stay up to date on a daily basis?

Enable the mail alert feature now!