IBM WebSphere Application Server and WebSphere Virtual Enterprise proxy server denial of service
|was-proxy-dos (78047)||Medium Risk|
WebSphere Application Server and WebSphere Virtual Enterprise are vulnerable to a denial of service, caused by an error in the proxy server component. By sending a specially-crafted request, a remote attacker could exploit this vulnerability to cause the proxy to be marked as down and deny access to applications.
Denial of Service
Refer to the appropriate IBM Security Bulletin for patch, upgrade or suggested workaround information. See References.
- IBM Security Bulletin 1614265: Security Vulnerabilities fixed in IBM WebSphere Application Server 188.8.131.52.
- IBM Security Bulletin 1622444: Security Vulnerabilities fixed in IBM WebSphere Application Server 184.108.40.206.
- BID-56459: IBM WebSphere Application Server CVE-2012-3330 Denial Of Service Vulnerability
- CVE-2012-3330: The proxy server in IBM WebSphere Application Server 7.0 before 220.127.116.11, 8.0 before 18.104.22.168, and 8.5 before 22.214.171.124, and WebSphere Virtual Enterprise, allows remote attackers to cause a denial of service (daemon outage) via a crafted request.
- IBM WebSphere Application Server 7.0
- IBM WebSphere Application Server 8.5
Oct 29, 2012
The information within this database may change without notice. Use of this information constitutes acceptance for use in an AS IS condition. There are NO warranties, implied or otherwise, with regard to this information or its use. Any use of this information is at the user's risk. In no event shall IBM be held liable for any damages whatsoever arising out of or in connection with the use or spread of this information.