Denial of Service Vulnerability in IBM WebSphere MQ
CVE-2016-9009

3.1LOW

Key Information:

Vendor: IBM
Status: Websphere MQ
Vendor: CVE Published:; 24 February 2017

What is CVE-2016-9009?

An authenticated user with privileges to create cluster objects in IBM WebSphere MQ 8.0 can exploit a vulnerability that leads to disruption of service for MQ clustering. This can result in targeted denial of service attacks, impacting the integrity and availability of the messaging service.

Affected Version(s)

WebSphere MQ 8.0

References

http://www.securityfocus.com/bid/96441

vdb-entryx_refsource_BID

http://www.ibm.com/support/docview.wss?uid=swg21998647

x_refsource_CONFIRM

CVSS V3.1

Score:

3.1

Severity:

LOW

Confidentiality:

None

Integrity:

None

Availability:

None

Attack Vector:

Network

Attack Complexity:

High

Privileges Required:

Low

User Interaction:

None

Scope:

Unchanged

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
Feb 24, 2017
Vulnerability Reserved
Oct 25, 2016