CVE-2014-4771IBM Websphere MQ vulnerability

CWE-3993 documents3 sources
Severity
3.5LOWNVD
EPSS
0.4%
top 42.47%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
1
IBM Websphere MQ
Timeline
PublishedFeb 13
Latest updateMay 17

Description

IBM WebSphere MQ 7.0.1 before 7.0.1.13, 7.1 before 7.1.0.6, 7.5 before 7.5.0.5, and 8 before 8.0.0.1 allows remote authenticated users to cause a denial of service (queue-slot exhaustion) by leveraging PCF query privileges for a crafted query.

CVSS vector

AV:N/AC:M/C:N/I:N/A:PExploitability: 6.8 | Impact: 2.9

Affected Packages1 packages

NVDibm/websphere_mq25 versions+24

Patches

Patch: www-01.ibm.comPatch: www-01.ibm.com

🔴Vulnerability Details

2
GHSA
GHSA-4g5v-px63-wq9q: IBM WebSphere MQ 72022-05-17
CVEList
CVE-2014-4771: IBM WebSphere MQ 72015-02-13
CVE-2014-4771 — IBM Websphere MQ vulnerability | cvebase