CVE-2016-3052

5.9MEDIUM

Key Information:

Vendor: IBM Corporation
Status: WebSphere MQ
Vendor: CVE Published:; 22 February 2017

Summary

Under non-standard configurations, IBM WebSphere MQ might send password data in clear text over the network. This data could be intercepted using man in the middle techniques.

Affected Version(s)

WebSphere MQ 8.0

References

http://www.ibm.com/support/docview.wss?uid=swg21998660

x_refsource_CONFIRM

http://www.securityfocus.com/bid/96400

vdb-entryx_refsource_BID

CVSS V3.1

Score:

5.9

Severity:

MEDIUM

Confidentiality:

High

Integrity:

None

Availability:

High

Attack Vector:

Network

Attack Complexity:

High

Privileges Required:

None

User Interaction:

None

Scope:

Unchanged

Timeline

Vulnerability published
Feb 22, 2017
Vulnerability Reserved
Mar 9, 2016