NVD

Id
42332  
Name
CVE-2012-0193  
Description
IBM WebSphere Application Server (WAS) 6.0 through 6.0.2.43, 6.1 before 6.1.0.43, 7.0 before 7.0.0.23, and 8.0 before 8.0.0.3 computes hash values for form parameters without restricting the ability to trigger hash collisions predictably, which allows remote attackers to cause a denial of service (CPU consumption) by sending many crafted parameters.  
Reject
 
CVSS Version
2  
CVSS Score
5  
Severity
Medium  
CVSS Base Score
5  
CVSS Impact Subscore
2.9  
CVSS Exploit Subscore
10  
CVSS Vector
(AV:N/AC:L/Au:N/C:N/I:N/A:P)  
Pub Date
2017-01-19  
Published
2012-01-19  
Modified Date
2012-01-26  
Seq
2012-0193  

Actions

Related NVD References

Id NVD Id NVD No. Reference Actions
213576 42332 CVE-2012-0193 PM53930  View
213577 42332 CVE-2012-0193 http://www-01.ibm.com/support/docview.wss?uid=swg21577532  View
213578 42332 CVE-2012-0193 http://www-01.ibm.com/support/docview.wss?uid=swg24031821  View

Related JVN

Id Name Title Summary Cveinfo Name Cveinfo Id Nvdinfo Name Nvdinfo Id Cvssv2 Cvssv3 Jvnurl Published Date Last Updated Date Actions
25458 JVNDB-2012-001165 IBM WebSphere Application Server におけるサービス運用妨害 (CPU 資源の消費) の脆弱性 IBM WebSphere Application Server (WAS) は、ハッシュ衝突を想定した制限を行わずにフォームパラメータのハッシュ値を算出するため、サービス運用妨害 (CPU 資源の消費) 状態となる脆弱性が存在します。 CVE-2012-0193 53431 CVE-2012-0193 42332 5 http://jvndb.jvn.jp/ja/contents/2012/JVNDB-2012-001165.html 2012-01-17 2012-01-24 View