CVE-2012-2206

Publication date

2012-08-17 10:00:00

Family

ibm

State

PUBLISHED

Description

The Web Gateway component in IBM WebSphere MQ File Transfer Edition 7.0.4 and earlier allows remote authenticated users to read files of arbitrary users via vectors involving a username in a URI, as demonstrated by a modified metadata=fteSamplesUser field to the /transfer URI.