CVE-2017-1117 — IBM Websphere MQ vulnerability

3 documents3 sources

Severity

5.3MEDIUMNVD

EPSS

0.4%

top 38.08%

CISA KEV

Not in KEV

Exploit

No known exploits

Affected products

IBM MQ IBM Websphere MQ

Timeline

PublishedJun 21

Latest updateMay 13

Description

IBM WebSphere MQ 8.0 and 9.0 could allow an authenticated user to cause a denial of service to the MQXR channel when trace is enabled. IBM X-Force ID: 121155.

CVSS vector

CVSS:3.0/AV:N/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:HExploitability: 1.6 | Impact: 3.6

Affected Packages2 packages

▶NVDibm/websphere_mq9 versions+8

▶CVEListV5ibm/mq8 versions+7

Patches

Patch: www.ibm.com ↗Patch: www.ibm.com ↗

🔴Vulnerability Details

GHSA

GHSA-f89q-v6m4-88mh: IBM WebSphere MQ 8↗2022-05-13

▶

CVEList

CVE-2017-1117: IBM WebSphere MQ 8↗2017-06-21

▶