CVE-2012-3330 : The proxy server in IBM WebSphere Application Server 7.0 before 7.0.0.27, 8.0 before 8.0.0.5, and 8.5 before 8.5.0.1, an

The proxy server in IBM WebSphere Application Server 7.0 before 7.0.0.27, 8.0 before 8.0.0.5, and 8.5 before 8.5.0.1, and WebSphere Virtual Enterprise, allows remote attackers to cause a denial of service (daemon outage) via a crafted request.

Published 2012-11-14 12:30:59

Updated 2017-08-29 01:31:54

Source IBM Corporation

View at NVD, CVE.org

Vulnerability category: Denial of service

Threat overview for CVE-2012-3330

Top countries where our scanners detected CVE-2012-3330

Top open port discovered on systems with this issue 9080

IPs affected by CVE-2012-3330 555

Threat actors abusing to this issue? Yes

Find out if you^* are affected by CVE-2012-3330!

^*Directly or indirectly through your vendors, service providers and 3rd parties. Powered by attack surface intelligence from SecurityScorecard.

Exploit prediction scoring system (EPSS) score for CVE-2012-3330

Probability of exploitation activity in the next 30 days: 0.62%

Percentile, the proportion of vulnerabilities that are scored at or less: ~ 76 % EPSS Score History EPSS FAQ

CVSS scores for CVE-2012-3330

Base Score	Base Severity	CVSS Vector	Exploitability Score	Impact Score	Score Source
5.0	MEDIUM	AV:N/AC:L/Au:N/C:N/I:N/A:P	10.0	2.9	NIST
Access Vector: Network Access Complexity: Low Authentication: None Confidentiality Impact: None Integrity Impact: None Availability Impact: Partial

References for CVE-2012-3330

http://www.ibm.com/support/docview.wss?uid=swg21614265

IBM Security Bulletin: Security Vulnerabilities fixed in IBM WebSphere Application Server 8.5.0.1
Vendor Advisory

CVEs referencing this url
https://exchange.xforce.ibmcloud.com/vulnerabilities/78047

IBM WebSphere Application Server and WebSphere Virtual Enterprise proxy server denial of service CVE-2012-3330 Vulnerability Report
http://www-01.ibm.com/support/docview.wss?uid=swg1PM71319

IBM notice: The page you requested cannot be displayed

Products affected by CVE-2012-3330

IBM » Websphere Application Server » Version: 7.0
cpe:2.3:a:ibm:websphere_application_server:7.0:*:*:*:*:*:*:*
Matching versions
IBM » Websphere Application Server » Version: 7.0.0.1
cpe:2.3:a:ibm:websphere_application_server:7.0.0.1:*:*:*:*:*:*:*
Matching versions
IBM » Websphere Application Server » Version: 7.0.0.4
cpe:2.3:a:ibm:websphere_application_server:7.0.0.4:*:*:*:*:*:*:*
Matching versions
IBM » Websphere Application Server » Version: 7.0.0.3
cpe:2.3:a:ibm:websphere_application_server:7.0.0.3:*:*:*:*:*:*:*
Matching versions
IBM » Websphere Application Server » Version: 7.0.0.6
cpe:2.3:a:ibm:websphere_application_server:7.0.0.6:*:*:*:*:*:*:*
Matching versions
IBM » Websphere Application Server » Version: 7.0.0.5
cpe:2.3:a:ibm:websphere_application_server:7.0.0.5:*:*:*:*:*:*:*
Matching versions
IBM » Websphere Application Server » Version: 7.0.0.2
cpe:2.3:a:ibm:websphere_application_server:7.0.0.2:*:*:*:*:*:*:*
Matching versions
IBM » Websphere Application Server » Version: 7.0.0.7
cpe:2.3:a:ibm:websphere_application_server:7.0.0.7:*:*:*:*:*:*:*
Matching versions
IBM » Websphere Application Server » Version: 7.0.0.8
cpe:2.3:a:ibm:websphere_application_server:7.0.0.8:*:*:*:*:*:*:*
Matching versions
IBM » Websphere Application Server » Version: 7.0.0.9
cpe:2.3:a:ibm:websphere_application_server:7.0.0.9:*:*:*:*:*:*:*
Matching versions
IBM » Websphere Application Server » Version: 7.0.0.11
cpe:2.3:a:ibm:websphere_application_server:7.0.0.11:*:*:*:*:*:*:*
Matching versions
IBM » Websphere Application Server » Version: 7.0.0.13
cpe:2.3:a:ibm:websphere_application_server:7.0.0.13:*:*:*:*:*:*:*
Matching versions
IBM » Websphere Application Server » Version: 7.0.0.15
cpe:2.3:a:ibm:websphere_application_server:7.0.0.15:*:*:*:*:*:*:*
Matching versions
IBM » Websphere Application Server » Version: 7.0.0.17
cpe:2.3:a:ibm:websphere_application_server:7.0.0.17:*:*:*:*:*:*:*
Matching versions
IBM » Websphere Application Server » Version: 8.0.0.0
cpe:2.3:a:ibm:websphere_application_server:8.0.0.0:*:*:*:*:*:*:*
Matching versions
IBM » Websphere Application Server » Version: 7.0.0.19
cpe:2.3:a:ibm:websphere_application_server:7.0.0.19:*:*:*:*:*:*:*
Matching versions
IBM » Websphere Application Server » Version: 8.0.0.1
cpe:2.3:a:ibm:websphere_application_server:8.0.0.1:*:*:*:*:*:*:*
Matching versions
IBM » Websphere Application Server » Version: 7.0.0.21
cpe:2.3:a:ibm:websphere_application_server:7.0.0.21:*:*:*:*:*:*:*
Matching versions
IBM » Websphere Application Server » Version: 8.0.0.2
cpe:2.3:a:ibm:websphere_application_server:8.0.0.2:*:*:*:*:*:*:*
Matching versions
IBM » Websphere Application Server » Version: 7.0.0.23
cpe:2.3:a:ibm:websphere_application_server:7.0.0.23:*:*:*:*:*:*:*
Matching versions
IBM » Websphere Application Server » Version: 8.0.0.3
cpe:2.3:a:ibm:websphere_application_server:8.0.0.3:*:*:*:*:*:*:*
Matching versions
IBM » Websphere Application Server » Version: 8.5.0.0
cpe:2.3:a:ibm:websphere_application_server:8.5.0.0:*:*:*:*:*:*:*
Matching versions
IBM » Websphere Application Server » Version: 8.0.0.4
cpe:2.3:a:ibm:websphere_application_server:8.0.0.4:*:*:*:*:*:*:*
Matching versions
IBM » Websphere Application Server » Version: 7.0.0.25
cpe:2.3:a:ibm:websphere_application_server:7.0.0.25:*:*:*:*:*:*:*
Matching versions

Vulnerability Details : CVE-2012-3330

Threat overview for CVE-2012-3330

Exploit prediction scoring system (EPSS) score for CVE-2012-3330

CVSS scores for CVE-2012-3330

References for CVE-2012-3330

Products affected by CVE-2012-3330