Denial of Service Vulnerability in IBM WebSphere MQ Light
CVE-2015-4943

5.3MEDIUM

Key Information:

Vendor

IBM
Status
Websphere MQ Light
Vendor
CVE Published:
1 January 2016

What is CVE-2015-4943?

IBM WebSphere MQ Light versions prior to 1.0.2 are susceptible to a specific denial of service vulnerability. Remote attackers can exploit this issue by executing a series of rapid connect and disconnect actions. This sequence of operations can lead to the failure of the MQXR service, resulting in service downtime. Addressing this vulnerability is critical to ensuring reliable communication processes within applications that rely on WebSphere MQ Light.

References

https://www-01.ibm.com/support/docview.wss?uid=swg21972021
x_refsource_CONFIRM
http://www.securityfocus.com/bid/79689
vdb-entryx_refsource_BID
http://www.securitytracker.com/id/1034581
vdb-entryx_refsource_SECTRACK

CVSS V3.1

Score:
5.3
Severity:
MEDIUM
Confidentiality:
None
Integrity:
None
Availability:
None
Attack Vector:
Network
Attack Complexity:
Low
Privileges Required:
None
User Interaction:
None
Scope:
Unchanged

Timeline

  • Vulnerability published

  • Vulnerability Reserved

.