Data Conversion Vulnerability in IBM WebSphere MQ
CVE-2016-3013

6.5MEDIUM

Key Information:

Vendor: IBM Corporation
Status: WebSphere MQ
Vendor: CVE Published:; 22 February 2017

🔔 Create IBM Corporation Vulnerability Alert

What is CVE-2016-3013?

IBM WebSphere MQ 8.0 has a vulnerability that allows an authenticated user to potentially crash the MQ channel through improper handling of data conversions. This issue arises due to flaws in how data types are processed, potentially leading to service interruptions and instability in messaging services.

Affected Version(s)

WebSphere MQ 8.0

References

http://www.securityfocus.com/bid/96394

vdb-entryx_refsource_BID

http://www.ibm.com/support/docview.wss?uid=swg21998661

x_refsource_CONFIRM

CVSS V3.1

Score:

6.5

Severity:

MEDIUM

Confidentiality:

None

Integrity:

None

Availability:

None

Attack Vector:

Network

Attack Complexity:

Low

Privileges Required:

Low

User Interaction:

None

Scope:

Unchanged

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
Feb 22, 2017
Vulnerability Reserved
Mar 9, 2016