Intrusion Prevention

IBM.WebSphere.MQ.File.Transfer.Edition.Web.Gateway.CSRF

Description

This indicates an attack attempt against a Cross Site Request Forgery vulnerability in the "Web Gateway" component of IBM WebSphere MQ File Transfer Edition and WebSphere Managed File Transfer.
The vulnerability is due to insufficient sanitization of user-supplied input in the application. It can be exploited using a CSRF (Cross Site Request Forgery) attack, allowing a malicious user to add userspace, change permissions, and add MQMD (MQ Message Descriptor) user IDs.

Affected Products

WebSphere MQ File Transfer Edition Version 7.0.4 and earlier versions
WebSphere MQ - Managed File Transfer Version 7.5 and earlier versions

Impact

System Compromise: Remote attackers can gain control of vulnerable systems.

Recommended Actions

Apply the most recent upgrade or patch from the vendor.
http://www-01.ibm.com/support/docview.wss?uid=swg21607482

CVE References

CVE-2012-3294