Ibm Corporation Websphere Mq vulnerabilities

8 known vulnerabilities affecting ibm_corporation/websphere_mq.

Total CVEs
8
CISA KEV
0
Public exploits
0
Exploited in wild
0
Severity breakdown
CRITICAL1HIGH1MEDIUM5LOW1

Vulnerabilities

Page 1 of 1
CVE-2017-1145HIGHCVSS 8.6v8.0.0.62017-03-20
CVE-2017-1145 [HIGH] CWE-404 CVE-2017-1145: IBM WebSphere MQ 8.0.0.6 does not properly terminate channel agents when they are no longer needed, IBM WebSphere MQ 8.0.0.6 does not properly terminate channel agents when they are no longer needed, which could allow a user to cause a denial of service through resource exhaustion. IBM Reference #: 1999672.
cvelistv5nvd
CVE-2016-8971MEDIUMCVSS 6.5v5.1v5.3+65 more2017-03-07
CVE-2016-8971 [MEDIUM] CWE-119 CVE-2016-8971: IBM WebSphere MQ 8.0 could allow an authenticated user with queue manager permissions to cause a seg IBM WebSphere MQ 8.0 could allow an authenticated user with queue manager permissions to cause a segmentation fault which would result in the box having to be rebooted to resume normal operations. IBM Reference #: 1998663.
cvelistv5nvd
CVE-2016-9009LOWCVSS 3.1v8.02017-02-24
CVE-2016-9009 [LOW] CWE-20 CVE-2016-9009: IBM WebSphere MQ 8.0 could allow an authenticated user with authority to create a cluster object to IBM WebSphere MQ 8.0 could allow an authenticated user with authority to create a cluster object to cause a denial of service to MQ clustering. IBM Reference #: 1998647.
cvelistv5nvd
CVE-2016-8915MEDIUMCVSS 6.5v8.02017-02-22
CVE-2016-8915 [MEDIUM] CWE-284 CVE-2016-8915: IBM WebSphere MQ 8.0 could allow an authenticated user with access to the queue manager and queue, t IBM WebSphere MQ 8.0 could allow an authenticated user with access to the queue manager and queue, to deny service to other channels running under the same process. IBM Reference #: 1998649.
cvelistv5nvd
CVE-2016-8986MEDIUMCVSS 6.5v8.02017-02-22
CVE-2016-8986 [MEDIUM] CWE-284 CVE-2016-8986: IBM WebSphere MQ 8.0 could allow an authenticated user with access to the queue manager to bring dow IBM WebSphere MQ 8.0 could allow an authenticated user with access to the queue manager to bring down MQ channels using specially crafted HTTP requests. IBM Reference #: 1998648.
cvelistv5nvd
CVE-2016-3052MEDIUMCVSS 5.9v8.02017-02-22
CVE-2016-3052 [MEDIUM] CWE-200 CVE-2016-3052: Under non-standard configurations, IBM WebSphere MQ might send password data in clear text over the Under non-standard configurations, IBM WebSphere MQ might send password data in clear text over the network. This data could be intercepted using man in the middle techniques.
cvelistv5nvd
CVE-2016-3013MEDIUMCVSS 6.5v8.02017-02-22
CVE-2016-3013 [MEDIUM] CWE-19 CVE-2016-3013: IBM WebSphere MQ 8.0 could allow an authenticated user to crash the MQ channel due to improper data IBM WebSphere MQ 8.0 could allow an authenticated user to crash the MQ channel due to improper data conversion handling. IBM Reference #: 1998661.
cvelistv5nvd
CVE-2016-0360CRITICALCVSS 9.8v7.0.1v7.1+3 more2017-02-15
CVE-2016-0360 [CRITICAL] CWE-502 CVE-2016-0360: IBM Websphere MQ JMS 7.0.1, 7.1, 7.5, 8.0, and 9.0 client provides classes that deserialize objects IBM Websphere MQ JMS 7.0.1, 7.1, 7.5, 8.0, and 9.0 client provides classes that deserialize objects from untrusted sources which could allow a malicious user to execute arbitrary Java code by adding vulnerable classes to the classpath. IBM Reference #: 1983457.
cvelistv5nvd