HTTP Request Vulnerability in IBM WebSphere MQ by IBM
CVE-2016-8986

6.5MEDIUM

Key Information:

Vendor: IBM
Status: Websphere MQ
Vendor: CVE Published:; 22 February 2017

What is CVE-2016-8986?

IBM WebSphere MQ 8.0 is susceptible to vulnerabilities that allow authenticated users to disrupt MQ channels. These disruptions can be executed through specially crafted HTTP requests, leading to potential service interruptions and impacting messaging and queue management processes. This issue highlights the importance of securing web interfaces against unauthorized manipulations.

Affected Version(s)

WebSphere MQ 8.0

References

http://www.securityfocus.com/bid/96412

vdb-entryx_refsource_BID

http://www.ibm.com/support/docview.wss?uid=swg21998648

x_refsource_CONFIRM

CVSS V3.1

Score:

6.5

Severity:

MEDIUM

Confidentiality:

None

Integrity:

None

Availability:

None

Attack Vector:

Network

Attack Complexity:

Low

Privileges Required:

Low

User Interaction:

None

Scope:

Unchanged

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
Feb 22, 2017
Vulnerability Reserved
Oct 25, 2016