CVE-2018-1503

CWE-20Improper Input Validation3 documents3 sources
Severity
4.3MEDIUM
EPSS
0.3%
top 44.54%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
1
IBM Websphere MQ
Timeline
PublishedJul 23
Latest updateMay 13

Description

IBM WebSphere MQ 7.5, 8.0, and 9.0 could allow a remotely authenticated attacker to to send invalid or malformed headers that could cause messages to no longer be transmitted via the affected channel. IBM X-Force ID: 141339.

CVSS vector

CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:LExploitability: 2.8 | Impact: 1.4

Affected Packages2 packages

NVDibm/websphere_mq7.5.0.07.5.0.8+2
CVEListV5ibm/websphere_mq7.5, 8.0, 9.0+2

🔴Vulnerability Details

2
GHSA
GHSA-c86m-jfmr-j98w: IBM WebSphere MQ 72022-05-13
CVEList
CVE-2018-1503: IBM WebSphere MQ 72018-07-23
CVE-2018-1503 (MEDIUM CVSS 4.3) | IBM WebSphere MQ 7.5 | cvebase.io