Back to search
CVE-2012-2206
Published: Aug 17, 2012
Modified: Aug 6, 2024
PUBLISHED
Description
The Web Gateway component in IBM WebSphere MQ File Transfer Edition 7.0.4 and earlier allows remote authenticated users to read files of arbitrary users via vectors involving a username in a URI, as demonstrated by a modified metadata=fteSamplesUser field to the /transfer URI.
| Vendor | Product | Versions |
|---|---|---|
n/a | n/a | affected n/a |
References
20478
exploit
x_refsource_EXPLOIT-DB
http://www.ibm.com/support/docview.wss?uid=swg21607481
x_refsource_CONFIRM
wmq-ftewg-security-bypass(77095)
vdb-entry
x_refsource_XF
IC82761
vendor-advisory
x_refsource_AIXAPAR
Security Training
Train your team to recognize and prevent security threats with our comprehensive security awareness program.
Start TrainingVulnerability Scanning
Discover vulnerabilities in your applications and infrastructure before attackers do.
Scan Now