CVE-2016-0379 — IBM Websphere MQ vulnerability

CWE-193 documents3 sources

Severity

3.1LOWNVD

EPSS

0.3%

top 44.86%

CISA KEV

Not in KEV

Exploit

No known exploits

Affected products

IBM Websphere MQ

Timeline

PublishedSep 26

Latest updateMay 17

Description

IBM WebSphere MQ 7.5 before 7.5.0.7 and 8.0 before 8.0.0.5 mishandles protocol flows, which allows remote authenticated users to cause a denial of service (channel outage) by leveraging queue-manager rights.

CVSS vector

CVSS:3.0/AV:N/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:LExploitability: 1.6 | Impact: 1.4

Affected Packages1 packages

▶NVDibm/websphere_mq12 versions+11

Patches

Patch: www-01.ibm.com ↗Patch: www-01.ibm.com ↗

🔴Vulnerability Details

GHSA

GHSA-c2cr-xw74-6hfq: IBM WebSphere MQ 7↗2022-05-17

▶

CVEList

CVE-2016-0379: IBM WebSphere MQ 7↗2016-09-26

▶