Denial of Service Vulnerability in IBM WebSphere MQ by IBM
CVE-2016-0379

3.1LOW

Key Information:

Vendor: IBM
Status: Websphere MQ
Vendor: CVE Published:; 26 September 2016

What is CVE-2016-0379?

IBM WebSphere MQ versions 7.5 prior to 7.5.0.7 and 8.0 prior to 8.0.0.5 are affected by a vulnerability that improperly manages protocol flows. This could enable remote authenticated users, with queue-manager rights, to trigger a denial of service condition, leading to a channel outage. Organizations using these versions should take immediate steps to upgrade their systems to mitigate potential risks associated with this issue.

References

http://www-01.ibm.com/support/docview.wss?uid=swg21984565

x_refsource_CONFIRM

http://www.securityfocus.com/bid/93146

vdb-entryx_refsource_BID

CVSS V3.1

Score:

3.1

Severity:

LOW

Confidentiality:

None

Integrity:

None

Availability:

None

Attack Vector:

Network

Attack Complexity:

High

Privileges Required:

Low

User Interaction:

None

Scope:

Unchanged

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
Sep 26, 2016
Vulnerability Reserved
Dec 8, 2015