CVE-2012-2190

medium

Description

IBM Global Security Kit (aka GSKit), as used in IBM HTTP Server in IBM WebSphere Application Server (WAS) 6.1.x before 6.1.0.45, 7.0.x before 7.0.0.25, 8.0.x before 8.0.0.4, and 8.5.x before 8.5.0.1, allows remote attackers to cause a denial of service (daemon crash) via a crafted ClientHello message in the TLS Handshake Protocol.

References

https://exchange.xforce.ibmcloud.com/vulnerabilities/75994

http://www-01.ibm.com/support/docview.wss?uid=swg21606096

http://www-01.ibm.com/support/docview.wss?uid=swg1PM66218

Details

Source: Mitre, NVD

Published: 2012-08-21

Updated: 2017-08-29

Risk Information

CVSS v2

Base Score: 5

Vector: CVSS2#AV:N/AC:L/Au:N/C:N/I:N/A:P

Severity: Medium

CVSS v3

Base Score: 5.9

Vector: CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H

Severity: Medium