VYPR
Unrated severityNVD Advisory· Published Feb 20, 2013· Updated Jun 16, 2026

CVE-2012-5952

CVE-2012-5952

Description

IBM WebSphere Message Broker 6.1 before 6.1.0.12, 7.0 before 7.0.0.6, and 8.0 before 8.0.0.2 does not validate Basic Authentication credentials before proceeding to WS-Addressing and WS-Security operations, which allows remote attackers to trigger transmission of unauthenticated messages via unspecified vectors.

Affected products

21
  • cpe:2.3:a:ibm:websphere_message_broker:6.1:*:*:*:*:*:*:*+ 20 more
    • cpe:2.3:a:ibm:websphere_message_broker:6.1:*:*:*:*:*:*:*
    • cpe:2.3:a:ibm:websphere_message_broker:6.1.0.1:*:*:*:*:*:*:*
    • cpe:2.3:a:ibm:websphere_message_broker:6.1.0.10:*:*:*:*:*:*:*
    • cpe:2.3:a:ibm:websphere_message_broker:6.1.0.11:*:*:*:*:*:*:*
    • cpe:2.3:a:ibm:websphere_message_broker:6.1.0.2:*:*:*:*:*:*:*
    • cpe:2.3:a:ibm:websphere_message_broker:6.1.0.3:*:*:*:*:*:*:*
    • cpe:2.3:a:ibm:websphere_message_broker:6.1.0.4:*:*:*:*:*:*:*
    • cpe:2.3:a:ibm:websphere_message_broker:6.1.0.5:*:*:*:*:*:*:*
    • cpe:2.3:a:ibm:websphere_message_broker:6.1.0.6:*:*:*:*:*:*:*
    • cpe:2.3:a:ibm:websphere_message_broker:6.1.0.7:*:*:*:*:*:*:*
    • cpe:2.3:a:ibm:websphere_message_broker:6.1.0.8:*:*:*:*:*:*:*
    • cpe:2.3:a:ibm:websphere_message_broker:6.1.0.9:*:*:*:*:*:*:*
    • cpe:2.3:a:ibm:websphere_message_broker:7.0.:*:*:*:*:*:*:*
    • cpe:2.3:a:ibm:websphere_message_broker:7.0.0.1:*:*:*:*:*:*:*
    • cpe:2.3:a:ibm:websphere_message_broker:7.0.0.2:*:*:*:*:*:*:*
    • cpe:2.3:a:ibm:websphere_message_broker:7.0.0.3:*:*:*:*:*:*:*
    • cpe:2.3:a:ibm:websphere_message_broker:7.0.0.4:*:*:*:*:*:*:*
    • cpe:2.3:a:ibm:websphere_message_broker:7.0.0.5:*:*:*:*:*:*:*
    • cpe:2.3:a:ibm:websphere_message_broker:8.0:*:*:*:*:*:*:*
    • cpe:2.3:a:ibm:websphere_message_broker:8.0.0.1:*:*:*:*:*:*:*
    • (no CPE)range: >=6.1 <6.1.0.12, >=7.0 <7.0.0.6, >=8.0 <8.0.0.2

Patches

Vulnerability mechanics

References

3

News mentions

0

No linked articles in our index yet.