Search criteria
16 vulnerabilities found for WebSphere MQ by IBM Corporation
CVE-2017-1145 (GCVE-0-2017-1145)
Vulnerability from cvelistv5 – Published: 2017-03-20 16:00 – Updated: 2024-08-05 13:25
VLAI?
Summary
IBM WebSphere MQ 8.0.0.6 does not properly terminate channel agents when they are no longer needed, which could allow a user to cause a denial of service through resource exhaustion. IBM Reference #: 1999672.
Severity ?
No CVSS data available.
CWE
- Denial of Service
Assigner
References
| URL | Tags | ||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| IBM Corporation | WebSphere MQ |
Affected:
8.0.0.6
|
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-05T13:25:17.194Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.ibm.com/support/docview.wss?uid=swg21999672"
},
{
"name": "96759",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/96759"
},
{
"name": "1038068",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/id/1038068"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "WebSphere MQ",
"vendor": "IBM Corporation",
"versions": [
{
"status": "affected",
"version": "8.0.0.6"
}
]
}
],
"datePublic": "2017-03-03T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "IBM WebSphere MQ 8.0.0.6 does not properly terminate channel agents when they are no longer needed, which could allow a user to cause a denial of service through resource exhaustion. IBM Reference #: 1999672."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Denial of Service",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-07-11T09:57:01",
"orgId": "9a959283-ebb5-44b6-b705-dcc2bbced522",
"shortName": "ibm"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.ibm.com/support/docview.wss?uid=swg21999672"
},
{
"name": "96759",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/96759"
},
{
"name": "1038068",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/id/1038068"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "psirt@us.ibm.com",
"ID": "CVE-2017-1145",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "WebSphere MQ",
"version": {
"version_data": [
{
"version_value": "8.0.0.6"
}
]
}
}
]
},
"vendor_name": "IBM Corporation"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "IBM WebSphere MQ 8.0.0.6 does not properly terminate channel agents when they are no longer needed, which could allow a user to cause a denial of service through resource exhaustion. IBM Reference #: 1999672."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Denial of Service"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "http://www.ibm.com/support/docview.wss?uid=swg21999672",
"refsource": "CONFIRM",
"url": "http://www.ibm.com/support/docview.wss?uid=swg21999672"
},
{
"name": "96759",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/96759"
},
{
"name": "1038068",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1038068"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "9a959283-ebb5-44b6-b705-dcc2bbced522",
"assignerShortName": "ibm",
"cveId": "CVE-2017-1145",
"datePublished": "2017-03-20T16:00:00",
"dateReserved": "2016-11-30T00:00:00",
"dateUpdated": "2024-08-05T13:25:17.194Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2016-8971 (GCVE-0-2016-8971)
Vulnerability from cvelistv5 – Published: 2017-03-07 17:00 – Updated: 2024-08-06 02:35
VLAI?
Summary
IBM WebSphere MQ 8.0 could allow an authenticated user with queue manager permissions to cause a segmentation fault which would result in the box having to be rebooted to resume normal operations. IBM Reference #: 1998663.
Severity ?
No CVSS data available.
CWE
- Denial of Service
Assigner
References
| URL | Tags | ||||
|---|---|---|---|---|---|
|
|||||
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| IBM Corporation | WebSphere MQ |
Affected:
5.1
Affected: 5.3 Affected: 6.0 Affected: 7.0 Affected: 5.30.0 Affected: 6.0.1.0 Affected: 6.0.1.1 Affected: 6.0.2.0 Affected: 6.0.2.1 Affected: 6.0.2.10 Affected: 6.0.2.2 Affected: 6.0.2.3 Affected: 6.0.2.4 Affected: 6.0.2.5 Affected: 6.0.2.6 Affected: 6.0.2.7 Affected: 6.0.2.8 Affected: 6.0.2.9 Affected: 7.0.0.1 Affected: 7.0.0.2 Affected: 7.0.1.0 Affected: 7.0.1.1 Affected: 7.0.1.2 Affected: 7.0.1.3 Affected: 7.0.1.4 Affected: 7.1 Affected: 7.5 Affected: 7.5.0.1 Affected: 7.1.0.1 Affected: 7.1.0.2 Affected: 7.0.1 Affected: 7.0.1.5 Affected: 7.0.1.6 Affected: 7.0.1.8 Affected: 7.0.1.7 Affected: 7.0.1.9 Affected: 7.0.1.10 Affected: 7.0.2 Affected: 7.0.3 Affected: 7.0.4 Affected: 7.0.4.1 Affected: 7.0.4.2 Affected: 7.0.4.3 Affected: 7.5.0.2 Affected: 7.1.0.3 Affected: 7.1.0.4 Affected: 7.5.0.3 Affected: 8.0.0.0 Affected: 8.0.0.1 Affected: 7.5.0.4 Affected: 8.0 Affected: 5.3.1 Affected: 6.0.1 Affected: 6.0.1.2 Affected: 6.0.2 Affected: 6.0.2.11 Affected: 6.0.2.12 Affected: 7.0.1.11 Affected: 7.0.1.12 Affected: 2.1 Affected: 7.1.0.5 Affected: 2.0 Affected: 8.0.0.2 Affected: 8 Affected: 8.0.0.4 Affected: 8.0.0.3 Affected: 9.0 |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T02:35:02.823Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://www.ibm.com/support/docview.wss?uid=swg21998663"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "WebSphere MQ",
"vendor": "IBM Corporation",
"versions": [
{
"status": "affected",
"version": "5.1"
},
{
"status": "affected",
"version": "5.3"
},
{
"status": "affected",
"version": "6.0"
},
{
"status": "affected",
"version": "7.0"
},
{
"status": "affected",
"version": "5.30.0"
},
{
"status": "affected",
"version": "6.0.1.0"
},
{
"status": "affected",
"version": "6.0.1.1"
},
{
"status": "affected",
"version": "6.0.2.0"
},
{
"status": "affected",
"version": "6.0.2.1"
},
{
"status": "affected",
"version": "6.0.2.10"
},
{
"status": "affected",
"version": "6.0.2.2"
},
{
"status": "affected",
"version": "6.0.2.3"
},
{
"status": "affected",
"version": "6.0.2.4"
},
{
"status": "affected",
"version": "6.0.2.5"
},
{
"status": "affected",
"version": "6.0.2.6"
},
{
"status": "affected",
"version": "6.0.2.7"
},
{
"status": "affected",
"version": "6.0.2.8"
},
{
"status": "affected",
"version": "6.0.2.9"
},
{
"status": "affected",
"version": "7.0.0.1"
},
{
"status": "affected",
"version": "7.0.0.2"
},
{
"status": "affected",
"version": "7.0.1.0"
},
{
"status": "affected",
"version": "7.0.1.1"
},
{
"status": "affected",
"version": "7.0.1.2"
},
{
"status": "affected",
"version": "7.0.1.3"
},
{
"status": "affected",
"version": "7.0.1.4"
},
{
"status": "affected",
"version": "7.1"
},
{
"status": "affected",
"version": "7.5"
},
{
"status": "affected",
"version": "7.5.0.1"
},
{
"status": "affected",
"version": "7.1.0.1"
},
{
"status": "affected",
"version": "7.1.0.2"
},
{
"status": "affected",
"version": "7.0.1"
},
{
"status": "affected",
"version": "7.0.1.5"
},
{
"status": "affected",
"version": "7.0.1.6"
},
{
"status": "affected",
"version": "7.0.1.8"
},
{
"status": "affected",
"version": "7.0.1.7"
},
{
"status": "affected",
"version": "7.0.1.9"
},
{
"status": "affected",
"version": "7.0.1.10"
},
{
"status": "affected",
"version": "7.0.2"
},
{
"status": "affected",
"version": "7.0.3"
},
{
"status": "affected",
"version": "7.0.4"
},
{
"status": "affected",
"version": "7.0.4.1"
},
{
"status": "affected",
"version": "7.0.4.2"
},
{
"status": "affected",
"version": "7.0.4.3"
},
{
"status": "affected",
"version": "7.5.0.2"
},
{
"status": "affected",
"version": "7.1.0.3"
},
{
"status": "affected",
"version": "7.1.0.4"
},
{
"status": "affected",
"version": "7.5.0.3"
},
{
"status": "affected",
"version": "8.0.0.0"
},
{
"status": "affected",
"version": "8.0.0.1"
},
{
"status": "affected",
"version": "7.5.0.4"
},
{
"status": "affected",
"version": "8.0"
},
{
"status": "affected",
"version": "5.3.1"
},
{
"status": "affected",
"version": "6.0.1"
},
{
"status": "affected",
"version": "6.0.1.2"
},
{
"status": "affected",
"version": "6.0.2"
},
{
"status": "affected",
"version": "6.0.2.11"
},
{
"status": "affected",
"version": "6.0.2.12"
},
{
"status": "affected",
"version": "7.0.1.11"
},
{
"status": "affected",
"version": "7.0.1.12"
},
{
"status": "affected",
"version": "2.1"
},
{
"status": "affected",
"version": "7.1.0.5"
},
{
"status": "affected",
"version": "2.0"
},
{
"status": "affected",
"version": "8.0.0.2"
},
{
"status": "affected",
"version": "8"
},
{
"status": "affected",
"version": "8.0.0.4"
},
{
"status": "affected",
"version": "8.0.0.3"
},
{
"status": "affected",
"version": "9.0"
}
]
}
],
"datePublic": "2017-02-20T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "IBM WebSphere MQ 8.0 could allow an authenticated user with queue manager permissions to cause a segmentation fault which would result in the box having to be rebooted to resume normal operations. IBM Reference #: 1998663."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Denial of Service",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-03-07T16:57:01",
"orgId": "9a959283-ebb5-44b6-b705-dcc2bbced522",
"shortName": "ibm"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://www.ibm.com/support/docview.wss?uid=swg21998663"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "psirt@us.ibm.com",
"ID": "CVE-2016-8971",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "WebSphere MQ",
"version": {
"version_data": [
{
"version_value": "5.1"
},
{
"version_value": "5.3"
},
{
"version_value": "6.0"
},
{
"version_value": "7.0"
},
{
"version_value": "5.30.0"
},
{
"version_value": "6.0.1.0"
},
{
"version_value": "6.0.1.1"
},
{
"version_value": "6.0.2.0"
},
{
"version_value": "6.0.2.1"
},
{
"version_value": "6.0.2.10"
},
{
"version_value": "6.0.2.2"
},
{
"version_value": "6.0.2.3"
},
{
"version_value": "6.0.2.4"
},
{
"version_value": "6.0.2.5"
},
{
"version_value": "6.0.2.6"
},
{
"version_value": "6.0.2.7"
},
{
"version_value": "6.0.2.8"
},
{
"version_value": "6.0.2.9"
},
{
"version_value": "7.0.0.1"
},
{
"version_value": "7.0.0.2"
},
{
"version_value": "7.0.1.0"
},
{
"version_value": "7.0.1.1"
},
{
"version_value": "7.0.1.2"
},
{
"version_value": "7.0.1.3"
},
{
"version_value": "7.0.1.4"
},
{
"version_value": "7.1"
},
{
"version_value": "7.0"
},
{
"version_value": "7.5"
},
{
"version_value": "7.5.0.1"
},
{
"version_value": "7.1.0.1"
},
{
"version_value": "7.1.0.2"
},
{
"version_value": "7.0.1"
},
{
"version_value": "7.0.1.5"
},
{
"version_value": "7.0.1.6"
},
{
"version_value": "7.0.1.8"
},
{
"version_value": "7.0.1.7"
},
{
"version_value": "7.0.1.9"
},
{
"version_value": "7.0.1.10"
},
{
"version_value": "7.0.2"
},
{
"version_value": "7.0.3"
},
{
"version_value": "7.0.4"
},
{
"version_value": "7.0.4.1"
},
{
"version_value": "7.0.4.2"
},
{
"version_value": "7.0.4.3"
},
{
"version_value": "7.5.0.2"
},
{
"version_value": "7.1.0.3"
},
{
"version_value": "7.1.0.4"
},
{
"version_value": "7.5.0.3"
},
{
"version_value": "8.0.0.0"
},
{
"version_value": "8.0.0.1"
},
{
"version_value": "7.5.0.4"
},
{
"version_value": "8.0"
},
{
"version_value": "5.3.1"
},
{
"version_value": "6.0.1"
},
{
"version_value": "6.0.1.2"
},
{
"version_value": "6.0.2"
},
{
"version_value": "6.0.2.11"
},
{
"version_value": "6.0.2.12"
},
{
"version_value": "7.0.1.11"
},
{
"version_value": "7.0.1.12"
},
{
"version_value": "2.1"
},
{
"version_value": "7.1.0.5"
},
{
"version_value": "2.0"
},
{
"version_value": "8.0.0.2"
},
{
"version_value": "8"
},
{
"version_value": "8.0.0.4"
},
{
"version_value": "8.0.0.3"
},
{
"version_value": "9.0"
}
]
}
}
]
},
"vendor_name": "IBM Corporation"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "IBM WebSphere MQ 8.0 could allow an authenticated user with queue manager permissions to cause a segmentation fault which would result in the box having to be rebooted to resume normal operations. IBM Reference #: 1998663."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Denial of Service"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://www.ibm.com/support/docview.wss?uid=swg21998663",
"refsource": "CONFIRM",
"url": "https://www.ibm.com/support/docview.wss?uid=swg21998663"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "9a959283-ebb5-44b6-b705-dcc2bbced522",
"assignerShortName": "ibm",
"cveId": "CVE-2016-8971",
"datePublished": "2017-03-07T17:00:00",
"dateReserved": "2016-10-25T00:00:00",
"dateUpdated": "2024-08-06T02:35:02.823Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2016-9009 (GCVE-0-2016-9009)
Vulnerability from cvelistv5 – Published: 2017-02-24 18:00 – Updated: 2024-08-06 02:35
VLAI?
Summary
IBM WebSphere MQ 8.0 could allow an authenticated user with authority to create a cluster object to cause a denial of service to MQ clustering. IBM Reference #: 1998647.
Severity ?
No CVSS data available.
CWE
- Denial of Service
Assigner
References
| URL | Tags | |||||||
|---|---|---|---|---|---|---|---|---|
|
||||||||
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| IBM Corporation | WebSphere MQ |
Affected:
8.0
|
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T02:35:02.449Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "96441",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/96441"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.ibm.com/support/docview.wss?uid=swg21998647"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "WebSphere MQ",
"vendor": "IBM Corporation",
"versions": [
{
"status": "affected",
"version": "8.0"
}
]
}
],
"datePublic": "2017-02-20T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "IBM WebSphere MQ 8.0 could allow an authenticated user with authority to create a cluster object to cause a denial of service to MQ clustering. IBM Reference #: 1998647."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Denial of Service",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-03-01T10:57:01",
"orgId": "9a959283-ebb5-44b6-b705-dcc2bbced522",
"shortName": "ibm"
},
"references": [
{
"name": "96441",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/96441"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.ibm.com/support/docview.wss?uid=swg21998647"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "psirt@us.ibm.com",
"ID": "CVE-2016-9009",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "WebSphere MQ",
"version": {
"version_data": [
{
"version_value": "8.0"
}
]
}
}
]
},
"vendor_name": "IBM Corporation"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "IBM WebSphere MQ 8.0 could allow an authenticated user with authority to create a cluster object to cause a denial of service to MQ clustering. IBM Reference #: 1998647."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Denial of Service"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "96441",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/96441"
},
{
"name": "http://www.ibm.com/support/docview.wss?uid=swg21998647",
"refsource": "CONFIRM",
"url": "http://www.ibm.com/support/docview.wss?uid=swg21998647"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "9a959283-ebb5-44b6-b705-dcc2bbced522",
"assignerShortName": "ibm",
"cveId": "CVE-2016-9009",
"datePublished": "2017-02-24T18:00:00",
"dateReserved": "2016-10-25T00:00:00",
"dateUpdated": "2024-08-06T02:35:02.449Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2016-8915 (GCVE-0-2016-8915)
Vulnerability from cvelistv5 – Published: 2017-02-22 19:00 – Updated: 2024-08-06 02:35
VLAI?
Summary
IBM WebSphere MQ 8.0 could allow an authenticated user with access to the queue manager and queue, to deny service to other channels running under the same process. IBM Reference #: 1998649.
Severity ?
No CVSS data available.
CWE
- Denial of Service
Assigner
References
| URL | Tags | |||||||
|---|---|---|---|---|---|---|---|---|
|
||||||||
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| IBM Corporation | WebSphere MQ |
Affected:
8.0
|
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T02:35:02.297Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.ibm.com/support/docview.wss?uid=swg21998649"
},
{
"name": "96403",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/96403"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "WebSphere MQ",
"vendor": "IBM Corporation",
"versions": [
{
"status": "affected",
"version": "8.0"
}
]
}
],
"datePublic": "2017-02-20T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "IBM WebSphere MQ 8.0 could allow an authenticated user with access to the queue manager and queue, to deny service to other channels running under the same process. IBM Reference #: 1998649."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Denial of Service",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-03-01T10:57:01",
"orgId": "9a959283-ebb5-44b6-b705-dcc2bbced522",
"shortName": "ibm"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.ibm.com/support/docview.wss?uid=swg21998649"
},
{
"name": "96403",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/96403"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "psirt@us.ibm.com",
"ID": "CVE-2016-8915",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "WebSphere MQ",
"version": {
"version_data": [
{
"version_value": "8.0"
}
]
}
}
]
},
"vendor_name": "IBM Corporation"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "IBM WebSphere MQ 8.0 could allow an authenticated user with access to the queue manager and queue, to deny service to other channels running under the same process. IBM Reference #: 1998649."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Denial of Service"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "http://www.ibm.com/support/docview.wss?uid=swg21998649",
"refsource": "CONFIRM",
"url": "http://www.ibm.com/support/docview.wss?uid=swg21998649"
},
{
"name": "96403",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/96403"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "9a959283-ebb5-44b6-b705-dcc2bbced522",
"assignerShortName": "ibm",
"cveId": "CVE-2016-8915",
"datePublished": "2017-02-22T19:00:00",
"dateReserved": "2016-10-25T00:00:00",
"dateUpdated": "2024-08-06T02:35:02.297Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2016-3052 (GCVE-0-2016-3052)
Vulnerability from cvelistv5 – Published: 2017-02-22 19:00 – Updated: 2024-08-05 23:40
VLAI?
Summary
Under non-standard configurations, IBM WebSphere MQ might send password data in clear text over the network. This data could be intercepted using man in the middle techniques.
Severity ?
No CVSS data available.
CWE
- Obtain Information
Assigner
References
| URL | Tags | |||||||
|---|---|---|---|---|---|---|---|---|
|
||||||||
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| IBM Corporation | WebSphere MQ |
Affected:
8.0
|
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-05T23:40:15.191Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.ibm.com/support/docview.wss?uid=swg21998660"
},
{
"name": "96400",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/96400"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "WebSphere MQ",
"vendor": "IBM Corporation",
"versions": [
{
"status": "affected",
"version": "8.0"
}
]
}
],
"datePublic": "2017-02-20T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Under non-standard configurations, IBM WebSphere MQ might send password data in clear text over the network. This data could be intercepted using man in the middle techniques."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Obtain Information",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-07-11T12:57:01",
"orgId": "9a959283-ebb5-44b6-b705-dcc2bbced522",
"shortName": "ibm"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.ibm.com/support/docview.wss?uid=swg21998660"
},
{
"name": "96400",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/96400"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "psirt@us.ibm.com",
"ID": "CVE-2016-3052",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "WebSphere MQ",
"version": {
"version_data": [
{
"version_value": "8.0"
}
]
}
}
]
},
"vendor_name": "IBM Corporation"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Under non-standard configurations, IBM WebSphere MQ might send password data in clear text over the network. This data could be intercepted using man in the middle techniques."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Obtain Information"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "http://www.ibm.com/support/docview.wss?uid=swg21998660",
"refsource": "CONFIRM",
"url": "http://www.ibm.com/support/docview.wss?uid=swg21998660"
},
{
"name": "96400",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/96400"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "9a959283-ebb5-44b6-b705-dcc2bbced522",
"assignerShortName": "ibm",
"cveId": "CVE-2016-3052",
"datePublished": "2017-02-22T19:00:00",
"dateReserved": "2016-03-09T00:00:00",
"dateUpdated": "2024-08-05T23:40:15.191Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2016-8986 (GCVE-0-2016-8986)
Vulnerability from cvelistv5 – Published: 2017-02-22 19:00 – Updated: 2024-08-06 02:35
VLAI?
Summary
IBM WebSphere MQ 8.0 could allow an authenticated user with access to the queue manager to bring down MQ channels using specially crafted HTTP requests. IBM Reference #: 1998648.
Severity ?
No CVSS data available.
CWE
- Denial of Service
Assigner
References
| URL | Tags | |||||||
|---|---|---|---|---|---|---|---|---|
|
||||||||
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| IBM Corporation | WebSphere MQ |
Affected:
8.0
|
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T02:35:02.362Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "96412",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/96412"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.ibm.com/support/docview.wss?uid=swg21998648"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "WebSphere MQ",
"vendor": "IBM Corporation",
"versions": [
{
"status": "affected",
"version": "8.0"
}
]
}
],
"datePublic": "2017-02-20T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "IBM WebSphere MQ 8.0 could allow an authenticated user with access to the queue manager to bring down MQ channels using specially crafted HTTP requests. IBM Reference #: 1998648."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Denial of Service",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-03-01T10:57:01",
"orgId": "9a959283-ebb5-44b6-b705-dcc2bbced522",
"shortName": "ibm"
},
"references": [
{
"name": "96412",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/96412"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.ibm.com/support/docview.wss?uid=swg21998648"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "psirt@us.ibm.com",
"ID": "CVE-2016-8986",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "WebSphere MQ",
"version": {
"version_data": [
{
"version_value": "8.0"
}
]
}
}
]
},
"vendor_name": "IBM Corporation"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "IBM WebSphere MQ 8.0 could allow an authenticated user with access to the queue manager to bring down MQ channels using specially crafted HTTP requests. IBM Reference #: 1998648."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Denial of Service"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "96412",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/96412"
},
{
"name": "http://www.ibm.com/support/docview.wss?uid=swg21998648",
"refsource": "CONFIRM",
"url": "http://www.ibm.com/support/docview.wss?uid=swg21998648"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "9a959283-ebb5-44b6-b705-dcc2bbced522",
"assignerShortName": "ibm",
"cveId": "CVE-2016-8986",
"datePublished": "2017-02-22T19:00:00",
"dateReserved": "2016-10-25T00:00:00",
"dateUpdated": "2024-08-06T02:35:02.362Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2016-3013 (GCVE-0-2016-3013)
Vulnerability from cvelistv5 – Published: 2017-02-22 19:00 – Updated: 2024-08-05 23:40
VLAI?
Summary
IBM WebSphere MQ 8.0 could allow an authenticated user to crash the MQ channel due to improper data conversion handling. IBM Reference #: 1998661.
Severity ?
No CVSS data available.
CWE
- Denial of Service
Assigner
References
| URL | Tags | |||||||
|---|---|---|---|---|---|---|---|---|
|
||||||||
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| IBM Corporation | WebSphere MQ |
Affected:
8.0
|
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-05T23:40:15.140Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "96394",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/96394"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.ibm.com/support/docview.wss?uid=swg21998661"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "WebSphere MQ",
"vendor": "IBM Corporation",
"versions": [
{
"status": "affected",
"version": "8.0"
}
]
}
],
"datePublic": "2017-02-20T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "IBM WebSphere MQ 8.0 could allow an authenticated user to crash the MQ channel due to improper data conversion handling. IBM Reference #: 1998661."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Denial of Service",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-03-01T10:57:01",
"orgId": "9a959283-ebb5-44b6-b705-dcc2bbced522",
"shortName": "ibm"
},
"references": [
{
"name": "96394",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/96394"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.ibm.com/support/docview.wss?uid=swg21998661"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "psirt@us.ibm.com",
"ID": "CVE-2016-3013",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "WebSphere MQ",
"version": {
"version_data": [
{
"version_value": "8.0"
}
]
}
}
]
},
"vendor_name": "IBM Corporation"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "IBM WebSphere MQ 8.0 could allow an authenticated user to crash the MQ channel due to improper data conversion handling. IBM Reference #: 1998661."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Denial of Service"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "96394",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/96394"
},
{
"name": "http://www.ibm.com/support/docview.wss?uid=swg21998661",
"refsource": "CONFIRM",
"url": "http://www.ibm.com/support/docview.wss?uid=swg21998661"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "9a959283-ebb5-44b6-b705-dcc2bbced522",
"assignerShortName": "ibm",
"cveId": "CVE-2016-3013",
"datePublished": "2017-02-22T19:00:00",
"dateReserved": "2016-03-09T00:00:00",
"dateUpdated": "2024-08-05T23:40:15.140Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2016-0360 (GCVE-0-2016-0360)
Vulnerability from cvelistv5 – Published: 2017-02-15 19:00 – Updated: 2024-08-05 22:15
VLAI?
Summary
IBM Websphere MQ JMS 7.0.1, 7.1, 7.5, 8.0, and 9.0 client provides classes that deserialize objects from untrusted sources which could allow a malicious user to execute arbitrary Java code by adding vulnerable classes to the classpath. IBM Reference #: 1983457.
Severity ?
No CVSS data available.
CWE
- Gain Access
Assigner
References
| URL | Tags | ||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| IBM Corporation | WebSphere MQ |
Affected:
7.0.1
Affected: 7.1 Affected: 7.5 Affected: 8.0 Affected: 9.0 |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-05T22:15:24.270Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "95317",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/95317"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21983457"
},
{
"name": "1037561",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/id/1037561"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "WebSphere MQ",
"vendor": "IBM Corporation",
"versions": [
{
"status": "affected",
"version": "7.0.1"
},
{
"status": "affected",
"version": "7.1"
},
{
"status": "affected",
"version": "7.5"
},
{
"status": "affected",
"version": "8.0"
},
{
"status": "affected",
"version": "9.0"
}
]
}
],
"datePublic": "2017-02-15T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "IBM Websphere MQ JMS 7.0.1, 7.1, 7.5, 8.0, and 9.0 client provides classes that deserialize objects from untrusted sources which could allow a malicious user to execute arbitrary Java code by adding vulnerable classes to the classpath. IBM Reference #: 1983457."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Gain Access",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-07-26T09:57:01",
"orgId": "9a959283-ebb5-44b6-b705-dcc2bbced522",
"shortName": "ibm"
},
"references": [
{
"name": "95317",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/95317"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21983457"
},
{
"name": "1037561",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/id/1037561"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "psirt@us.ibm.com",
"ID": "CVE-2016-0360",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "WebSphere MQ",
"version": {
"version_data": [
{
"version_value": "7.0.1"
},
{
"version_value": "7.1"
},
{
"version_value": "7.5"
},
{
"version_value": "8.0"
},
{
"version_value": "9.0"
}
]
}
}
]
},
"vendor_name": "IBM Corporation"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "IBM Websphere MQ JMS 7.0.1, 7.1, 7.5, 8.0, and 9.0 client provides classes that deserialize objects from untrusted sources which could allow a malicious user to execute arbitrary Java code by adding vulnerable classes to the classpath. IBM Reference #: 1983457."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Gain Access"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "95317",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/95317"
},
{
"name": "http://www-01.ibm.com/support/docview.wss?uid=swg21983457",
"refsource": "CONFIRM",
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21983457"
},
{
"name": "1037561",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1037561"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "9a959283-ebb5-44b6-b705-dcc2bbced522",
"assignerShortName": "ibm",
"cveId": "CVE-2016-0360",
"datePublished": "2017-02-15T19:00:00",
"dateReserved": "2015-12-08T00:00:00",
"dateUpdated": "2024-08-05T22:15:24.270Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2017-1145 (GCVE-0-2017-1145)
Vulnerability from nvd – Published: 2017-03-20 16:00 – Updated: 2024-08-05 13:25
VLAI?
Summary
IBM WebSphere MQ 8.0.0.6 does not properly terminate channel agents when they are no longer needed, which could allow a user to cause a denial of service through resource exhaustion. IBM Reference #: 1999672.
Severity ?
No CVSS data available.
CWE
- Denial of Service
Assigner
References
| URL | Tags | ||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| IBM Corporation | WebSphere MQ |
Affected:
8.0.0.6
|
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-05T13:25:17.194Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.ibm.com/support/docview.wss?uid=swg21999672"
},
{
"name": "96759",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/96759"
},
{
"name": "1038068",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/id/1038068"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "WebSphere MQ",
"vendor": "IBM Corporation",
"versions": [
{
"status": "affected",
"version": "8.0.0.6"
}
]
}
],
"datePublic": "2017-03-03T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "IBM WebSphere MQ 8.0.0.6 does not properly terminate channel agents when they are no longer needed, which could allow a user to cause a denial of service through resource exhaustion. IBM Reference #: 1999672."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Denial of Service",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-07-11T09:57:01",
"orgId": "9a959283-ebb5-44b6-b705-dcc2bbced522",
"shortName": "ibm"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.ibm.com/support/docview.wss?uid=swg21999672"
},
{
"name": "96759",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/96759"
},
{
"name": "1038068",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/id/1038068"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "psirt@us.ibm.com",
"ID": "CVE-2017-1145",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "WebSphere MQ",
"version": {
"version_data": [
{
"version_value": "8.0.0.6"
}
]
}
}
]
},
"vendor_name": "IBM Corporation"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "IBM WebSphere MQ 8.0.0.6 does not properly terminate channel agents when they are no longer needed, which could allow a user to cause a denial of service through resource exhaustion. IBM Reference #: 1999672."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Denial of Service"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "http://www.ibm.com/support/docview.wss?uid=swg21999672",
"refsource": "CONFIRM",
"url": "http://www.ibm.com/support/docview.wss?uid=swg21999672"
},
{
"name": "96759",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/96759"
},
{
"name": "1038068",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1038068"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "9a959283-ebb5-44b6-b705-dcc2bbced522",
"assignerShortName": "ibm",
"cveId": "CVE-2017-1145",
"datePublished": "2017-03-20T16:00:00",
"dateReserved": "2016-11-30T00:00:00",
"dateUpdated": "2024-08-05T13:25:17.194Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2016-8971 (GCVE-0-2016-8971)
Vulnerability from nvd – Published: 2017-03-07 17:00 – Updated: 2024-08-06 02:35
VLAI?
Summary
IBM WebSphere MQ 8.0 could allow an authenticated user with queue manager permissions to cause a segmentation fault which would result in the box having to be rebooted to resume normal operations. IBM Reference #: 1998663.
Severity ?
No CVSS data available.
CWE
- Denial of Service
Assigner
References
| URL | Tags | ||||
|---|---|---|---|---|---|
|
|||||
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| IBM Corporation | WebSphere MQ |
Affected:
5.1
Affected: 5.3 Affected: 6.0 Affected: 7.0 Affected: 5.30.0 Affected: 6.0.1.0 Affected: 6.0.1.1 Affected: 6.0.2.0 Affected: 6.0.2.1 Affected: 6.0.2.10 Affected: 6.0.2.2 Affected: 6.0.2.3 Affected: 6.0.2.4 Affected: 6.0.2.5 Affected: 6.0.2.6 Affected: 6.0.2.7 Affected: 6.0.2.8 Affected: 6.0.2.9 Affected: 7.0.0.1 Affected: 7.0.0.2 Affected: 7.0.1.0 Affected: 7.0.1.1 Affected: 7.0.1.2 Affected: 7.0.1.3 Affected: 7.0.1.4 Affected: 7.1 Affected: 7.5 Affected: 7.5.0.1 Affected: 7.1.0.1 Affected: 7.1.0.2 Affected: 7.0.1 Affected: 7.0.1.5 Affected: 7.0.1.6 Affected: 7.0.1.8 Affected: 7.0.1.7 Affected: 7.0.1.9 Affected: 7.0.1.10 Affected: 7.0.2 Affected: 7.0.3 Affected: 7.0.4 Affected: 7.0.4.1 Affected: 7.0.4.2 Affected: 7.0.4.3 Affected: 7.5.0.2 Affected: 7.1.0.3 Affected: 7.1.0.4 Affected: 7.5.0.3 Affected: 8.0.0.0 Affected: 8.0.0.1 Affected: 7.5.0.4 Affected: 8.0 Affected: 5.3.1 Affected: 6.0.1 Affected: 6.0.1.2 Affected: 6.0.2 Affected: 6.0.2.11 Affected: 6.0.2.12 Affected: 7.0.1.11 Affected: 7.0.1.12 Affected: 2.1 Affected: 7.1.0.5 Affected: 2.0 Affected: 8.0.0.2 Affected: 8 Affected: 8.0.0.4 Affected: 8.0.0.3 Affected: 9.0 |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T02:35:02.823Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://www.ibm.com/support/docview.wss?uid=swg21998663"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "WebSphere MQ",
"vendor": "IBM Corporation",
"versions": [
{
"status": "affected",
"version": "5.1"
},
{
"status": "affected",
"version": "5.3"
},
{
"status": "affected",
"version": "6.0"
},
{
"status": "affected",
"version": "7.0"
},
{
"status": "affected",
"version": "5.30.0"
},
{
"status": "affected",
"version": "6.0.1.0"
},
{
"status": "affected",
"version": "6.0.1.1"
},
{
"status": "affected",
"version": "6.0.2.0"
},
{
"status": "affected",
"version": "6.0.2.1"
},
{
"status": "affected",
"version": "6.0.2.10"
},
{
"status": "affected",
"version": "6.0.2.2"
},
{
"status": "affected",
"version": "6.0.2.3"
},
{
"status": "affected",
"version": "6.0.2.4"
},
{
"status": "affected",
"version": "6.0.2.5"
},
{
"status": "affected",
"version": "6.0.2.6"
},
{
"status": "affected",
"version": "6.0.2.7"
},
{
"status": "affected",
"version": "6.0.2.8"
},
{
"status": "affected",
"version": "6.0.2.9"
},
{
"status": "affected",
"version": "7.0.0.1"
},
{
"status": "affected",
"version": "7.0.0.2"
},
{
"status": "affected",
"version": "7.0.1.0"
},
{
"status": "affected",
"version": "7.0.1.1"
},
{
"status": "affected",
"version": "7.0.1.2"
},
{
"status": "affected",
"version": "7.0.1.3"
},
{
"status": "affected",
"version": "7.0.1.4"
},
{
"status": "affected",
"version": "7.1"
},
{
"status": "affected",
"version": "7.5"
},
{
"status": "affected",
"version": "7.5.0.1"
},
{
"status": "affected",
"version": "7.1.0.1"
},
{
"status": "affected",
"version": "7.1.0.2"
},
{
"status": "affected",
"version": "7.0.1"
},
{
"status": "affected",
"version": "7.0.1.5"
},
{
"status": "affected",
"version": "7.0.1.6"
},
{
"status": "affected",
"version": "7.0.1.8"
},
{
"status": "affected",
"version": "7.0.1.7"
},
{
"status": "affected",
"version": "7.0.1.9"
},
{
"status": "affected",
"version": "7.0.1.10"
},
{
"status": "affected",
"version": "7.0.2"
},
{
"status": "affected",
"version": "7.0.3"
},
{
"status": "affected",
"version": "7.0.4"
},
{
"status": "affected",
"version": "7.0.4.1"
},
{
"status": "affected",
"version": "7.0.4.2"
},
{
"status": "affected",
"version": "7.0.4.3"
},
{
"status": "affected",
"version": "7.5.0.2"
},
{
"status": "affected",
"version": "7.1.0.3"
},
{
"status": "affected",
"version": "7.1.0.4"
},
{
"status": "affected",
"version": "7.5.0.3"
},
{
"status": "affected",
"version": "8.0.0.0"
},
{
"status": "affected",
"version": "8.0.0.1"
},
{
"status": "affected",
"version": "7.5.0.4"
},
{
"status": "affected",
"version": "8.0"
},
{
"status": "affected",
"version": "5.3.1"
},
{
"status": "affected",
"version": "6.0.1"
},
{
"status": "affected",
"version": "6.0.1.2"
},
{
"status": "affected",
"version": "6.0.2"
},
{
"status": "affected",
"version": "6.0.2.11"
},
{
"status": "affected",
"version": "6.0.2.12"
},
{
"status": "affected",
"version": "7.0.1.11"
},
{
"status": "affected",
"version": "7.0.1.12"
},
{
"status": "affected",
"version": "2.1"
},
{
"status": "affected",
"version": "7.1.0.5"
},
{
"status": "affected",
"version": "2.0"
},
{
"status": "affected",
"version": "8.0.0.2"
},
{
"status": "affected",
"version": "8"
},
{
"status": "affected",
"version": "8.0.0.4"
},
{
"status": "affected",
"version": "8.0.0.3"
},
{
"status": "affected",
"version": "9.0"
}
]
}
],
"datePublic": "2017-02-20T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "IBM WebSphere MQ 8.0 could allow an authenticated user with queue manager permissions to cause a segmentation fault which would result in the box having to be rebooted to resume normal operations. IBM Reference #: 1998663."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Denial of Service",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-03-07T16:57:01",
"orgId": "9a959283-ebb5-44b6-b705-dcc2bbced522",
"shortName": "ibm"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://www.ibm.com/support/docview.wss?uid=swg21998663"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "psirt@us.ibm.com",
"ID": "CVE-2016-8971",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "WebSphere MQ",
"version": {
"version_data": [
{
"version_value": "5.1"
},
{
"version_value": "5.3"
},
{
"version_value": "6.0"
},
{
"version_value": "7.0"
},
{
"version_value": "5.30.0"
},
{
"version_value": "6.0.1.0"
},
{
"version_value": "6.0.1.1"
},
{
"version_value": "6.0.2.0"
},
{
"version_value": "6.0.2.1"
},
{
"version_value": "6.0.2.10"
},
{
"version_value": "6.0.2.2"
},
{
"version_value": "6.0.2.3"
},
{
"version_value": "6.0.2.4"
},
{
"version_value": "6.0.2.5"
},
{
"version_value": "6.0.2.6"
},
{
"version_value": "6.0.2.7"
},
{
"version_value": "6.0.2.8"
},
{
"version_value": "6.0.2.9"
},
{
"version_value": "7.0.0.1"
},
{
"version_value": "7.0.0.2"
},
{
"version_value": "7.0.1.0"
},
{
"version_value": "7.0.1.1"
},
{
"version_value": "7.0.1.2"
},
{
"version_value": "7.0.1.3"
},
{
"version_value": "7.0.1.4"
},
{
"version_value": "7.1"
},
{
"version_value": "7.0"
},
{
"version_value": "7.5"
},
{
"version_value": "7.5.0.1"
},
{
"version_value": "7.1.0.1"
},
{
"version_value": "7.1.0.2"
},
{
"version_value": "7.0.1"
},
{
"version_value": "7.0.1.5"
},
{
"version_value": "7.0.1.6"
},
{
"version_value": "7.0.1.8"
},
{
"version_value": "7.0.1.7"
},
{
"version_value": "7.0.1.9"
},
{
"version_value": "7.0.1.10"
},
{
"version_value": "7.0.2"
},
{
"version_value": "7.0.3"
},
{
"version_value": "7.0.4"
},
{
"version_value": "7.0.4.1"
},
{
"version_value": "7.0.4.2"
},
{
"version_value": "7.0.4.3"
},
{
"version_value": "7.5.0.2"
},
{
"version_value": "7.1.0.3"
},
{
"version_value": "7.1.0.4"
},
{
"version_value": "7.5.0.3"
},
{
"version_value": "8.0.0.0"
},
{
"version_value": "8.0.0.1"
},
{
"version_value": "7.5.0.4"
},
{
"version_value": "8.0"
},
{
"version_value": "5.3.1"
},
{
"version_value": "6.0.1"
},
{
"version_value": "6.0.1.2"
},
{
"version_value": "6.0.2"
},
{
"version_value": "6.0.2.11"
},
{
"version_value": "6.0.2.12"
},
{
"version_value": "7.0.1.11"
},
{
"version_value": "7.0.1.12"
},
{
"version_value": "2.1"
},
{
"version_value": "7.1.0.5"
},
{
"version_value": "2.0"
},
{
"version_value": "8.0.0.2"
},
{
"version_value": "8"
},
{
"version_value": "8.0.0.4"
},
{
"version_value": "8.0.0.3"
},
{
"version_value": "9.0"
}
]
}
}
]
},
"vendor_name": "IBM Corporation"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "IBM WebSphere MQ 8.0 could allow an authenticated user with queue manager permissions to cause a segmentation fault which would result in the box having to be rebooted to resume normal operations. IBM Reference #: 1998663."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Denial of Service"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://www.ibm.com/support/docview.wss?uid=swg21998663",
"refsource": "CONFIRM",
"url": "https://www.ibm.com/support/docview.wss?uid=swg21998663"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "9a959283-ebb5-44b6-b705-dcc2bbced522",
"assignerShortName": "ibm",
"cveId": "CVE-2016-8971",
"datePublished": "2017-03-07T17:00:00",
"dateReserved": "2016-10-25T00:00:00",
"dateUpdated": "2024-08-06T02:35:02.823Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2016-9009 (GCVE-0-2016-9009)
Vulnerability from nvd – Published: 2017-02-24 18:00 – Updated: 2024-08-06 02:35
VLAI?
Summary
IBM WebSphere MQ 8.0 could allow an authenticated user with authority to create a cluster object to cause a denial of service to MQ clustering. IBM Reference #: 1998647.
Severity ?
No CVSS data available.
CWE
- Denial of Service
Assigner
References
| URL | Tags | |||||||
|---|---|---|---|---|---|---|---|---|
|
||||||||
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| IBM Corporation | WebSphere MQ |
Affected:
8.0
|
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T02:35:02.449Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "96441",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/96441"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.ibm.com/support/docview.wss?uid=swg21998647"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "WebSphere MQ",
"vendor": "IBM Corporation",
"versions": [
{
"status": "affected",
"version": "8.0"
}
]
}
],
"datePublic": "2017-02-20T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "IBM WebSphere MQ 8.0 could allow an authenticated user with authority to create a cluster object to cause a denial of service to MQ clustering. IBM Reference #: 1998647."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Denial of Service",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-03-01T10:57:01",
"orgId": "9a959283-ebb5-44b6-b705-dcc2bbced522",
"shortName": "ibm"
},
"references": [
{
"name": "96441",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/96441"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.ibm.com/support/docview.wss?uid=swg21998647"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "psirt@us.ibm.com",
"ID": "CVE-2016-9009",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "WebSphere MQ",
"version": {
"version_data": [
{
"version_value": "8.0"
}
]
}
}
]
},
"vendor_name": "IBM Corporation"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "IBM WebSphere MQ 8.0 could allow an authenticated user with authority to create a cluster object to cause a denial of service to MQ clustering. IBM Reference #: 1998647."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Denial of Service"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "96441",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/96441"
},
{
"name": "http://www.ibm.com/support/docview.wss?uid=swg21998647",
"refsource": "CONFIRM",
"url": "http://www.ibm.com/support/docview.wss?uid=swg21998647"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "9a959283-ebb5-44b6-b705-dcc2bbced522",
"assignerShortName": "ibm",
"cveId": "CVE-2016-9009",
"datePublished": "2017-02-24T18:00:00",
"dateReserved": "2016-10-25T00:00:00",
"dateUpdated": "2024-08-06T02:35:02.449Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2016-8915 (GCVE-0-2016-8915)
Vulnerability from nvd – Published: 2017-02-22 19:00 – Updated: 2024-08-06 02:35
VLAI?
Summary
IBM WebSphere MQ 8.0 could allow an authenticated user with access to the queue manager and queue, to deny service to other channels running under the same process. IBM Reference #: 1998649.
Severity ?
No CVSS data available.
CWE
- Denial of Service
Assigner
References
| URL | Tags | |||||||
|---|---|---|---|---|---|---|---|---|
|
||||||||
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| IBM Corporation | WebSphere MQ |
Affected:
8.0
|
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T02:35:02.297Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.ibm.com/support/docview.wss?uid=swg21998649"
},
{
"name": "96403",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/96403"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "WebSphere MQ",
"vendor": "IBM Corporation",
"versions": [
{
"status": "affected",
"version": "8.0"
}
]
}
],
"datePublic": "2017-02-20T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "IBM WebSphere MQ 8.0 could allow an authenticated user with access to the queue manager and queue, to deny service to other channels running under the same process. IBM Reference #: 1998649."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Denial of Service",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-03-01T10:57:01",
"orgId": "9a959283-ebb5-44b6-b705-dcc2bbced522",
"shortName": "ibm"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.ibm.com/support/docview.wss?uid=swg21998649"
},
{
"name": "96403",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/96403"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "psirt@us.ibm.com",
"ID": "CVE-2016-8915",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "WebSphere MQ",
"version": {
"version_data": [
{
"version_value": "8.0"
}
]
}
}
]
},
"vendor_name": "IBM Corporation"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "IBM WebSphere MQ 8.0 could allow an authenticated user with access to the queue manager and queue, to deny service to other channels running under the same process. IBM Reference #: 1998649."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Denial of Service"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "http://www.ibm.com/support/docview.wss?uid=swg21998649",
"refsource": "CONFIRM",
"url": "http://www.ibm.com/support/docview.wss?uid=swg21998649"
},
{
"name": "96403",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/96403"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "9a959283-ebb5-44b6-b705-dcc2bbced522",
"assignerShortName": "ibm",
"cveId": "CVE-2016-8915",
"datePublished": "2017-02-22T19:00:00",
"dateReserved": "2016-10-25T00:00:00",
"dateUpdated": "2024-08-06T02:35:02.297Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2016-3052 (GCVE-0-2016-3052)
Vulnerability from nvd – Published: 2017-02-22 19:00 – Updated: 2024-08-05 23:40
VLAI?
Summary
Under non-standard configurations, IBM WebSphere MQ might send password data in clear text over the network. This data could be intercepted using man in the middle techniques.
Severity ?
No CVSS data available.
CWE
- Obtain Information
Assigner
References
| URL | Tags | |||||||
|---|---|---|---|---|---|---|---|---|
|
||||||||
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| IBM Corporation | WebSphere MQ |
Affected:
8.0
|
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-05T23:40:15.191Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.ibm.com/support/docview.wss?uid=swg21998660"
},
{
"name": "96400",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/96400"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "WebSphere MQ",
"vendor": "IBM Corporation",
"versions": [
{
"status": "affected",
"version": "8.0"
}
]
}
],
"datePublic": "2017-02-20T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Under non-standard configurations, IBM WebSphere MQ might send password data in clear text over the network. This data could be intercepted using man in the middle techniques."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Obtain Information",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-07-11T12:57:01",
"orgId": "9a959283-ebb5-44b6-b705-dcc2bbced522",
"shortName": "ibm"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.ibm.com/support/docview.wss?uid=swg21998660"
},
{
"name": "96400",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/96400"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "psirt@us.ibm.com",
"ID": "CVE-2016-3052",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "WebSphere MQ",
"version": {
"version_data": [
{
"version_value": "8.0"
}
]
}
}
]
},
"vendor_name": "IBM Corporation"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Under non-standard configurations, IBM WebSphere MQ might send password data in clear text over the network. This data could be intercepted using man in the middle techniques."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Obtain Information"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "http://www.ibm.com/support/docview.wss?uid=swg21998660",
"refsource": "CONFIRM",
"url": "http://www.ibm.com/support/docview.wss?uid=swg21998660"
},
{
"name": "96400",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/96400"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "9a959283-ebb5-44b6-b705-dcc2bbced522",
"assignerShortName": "ibm",
"cveId": "CVE-2016-3052",
"datePublished": "2017-02-22T19:00:00",
"dateReserved": "2016-03-09T00:00:00",
"dateUpdated": "2024-08-05T23:40:15.191Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2016-8986 (GCVE-0-2016-8986)
Vulnerability from nvd – Published: 2017-02-22 19:00 – Updated: 2024-08-06 02:35
VLAI?
Summary
IBM WebSphere MQ 8.0 could allow an authenticated user with access to the queue manager to bring down MQ channels using specially crafted HTTP requests. IBM Reference #: 1998648.
Severity ?
No CVSS data available.
CWE
- Denial of Service
Assigner
References
| URL | Tags | |||||||
|---|---|---|---|---|---|---|---|---|
|
||||||||
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| IBM Corporation | WebSphere MQ |
Affected:
8.0
|
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T02:35:02.362Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "96412",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/96412"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.ibm.com/support/docview.wss?uid=swg21998648"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "WebSphere MQ",
"vendor": "IBM Corporation",
"versions": [
{
"status": "affected",
"version": "8.0"
}
]
}
],
"datePublic": "2017-02-20T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "IBM WebSphere MQ 8.0 could allow an authenticated user with access to the queue manager to bring down MQ channels using specially crafted HTTP requests. IBM Reference #: 1998648."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Denial of Service",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-03-01T10:57:01",
"orgId": "9a959283-ebb5-44b6-b705-dcc2bbced522",
"shortName": "ibm"
},
"references": [
{
"name": "96412",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/96412"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.ibm.com/support/docview.wss?uid=swg21998648"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "psirt@us.ibm.com",
"ID": "CVE-2016-8986",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "WebSphere MQ",
"version": {
"version_data": [
{
"version_value": "8.0"
}
]
}
}
]
},
"vendor_name": "IBM Corporation"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "IBM WebSphere MQ 8.0 could allow an authenticated user with access to the queue manager to bring down MQ channels using specially crafted HTTP requests. IBM Reference #: 1998648."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Denial of Service"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "96412",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/96412"
},
{
"name": "http://www.ibm.com/support/docview.wss?uid=swg21998648",
"refsource": "CONFIRM",
"url": "http://www.ibm.com/support/docview.wss?uid=swg21998648"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "9a959283-ebb5-44b6-b705-dcc2bbced522",
"assignerShortName": "ibm",
"cveId": "CVE-2016-8986",
"datePublished": "2017-02-22T19:00:00",
"dateReserved": "2016-10-25T00:00:00",
"dateUpdated": "2024-08-06T02:35:02.362Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2016-3013 (GCVE-0-2016-3013)
Vulnerability from nvd – Published: 2017-02-22 19:00 – Updated: 2024-08-05 23:40
VLAI?
Summary
IBM WebSphere MQ 8.0 could allow an authenticated user to crash the MQ channel due to improper data conversion handling. IBM Reference #: 1998661.
Severity ?
No CVSS data available.
CWE
- Denial of Service
Assigner
References
| URL | Tags | |||||||
|---|---|---|---|---|---|---|---|---|
|
||||||||
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| IBM Corporation | WebSphere MQ |
Affected:
8.0
|
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-05T23:40:15.140Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "96394",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/96394"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.ibm.com/support/docview.wss?uid=swg21998661"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "WebSphere MQ",
"vendor": "IBM Corporation",
"versions": [
{
"status": "affected",
"version": "8.0"
}
]
}
],
"datePublic": "2017-02-20T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "IBM WebSphere MQ 8.0 could allow an authenticated user to crash the MQ channel due to improper data conversion handling. IBM Reference #: 1998661."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Denial of Service",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-03-01T10:57:01",
"orgId": "9a959283-ebb5-44b6-b705-dcc2bbced522",
"shortName": "ibm"
},
"references": [
{
"name": "96394",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/96394"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.ibm.com/support/docview.wss?uid=swg21998661"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "psirt@us.ibm.com",
"ID": "CVE-2016-3013",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "WebSphere MQ",
"version": {
"version_data": [
{
"version_value": "8.0"
}
]
}
}
]
},
"vendor_name": "IBM Corporation"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "IBM WebSphere MQ 8.0 could allow an authenticated user to crash the MQ channel due to improper data conversion handling. IBM Reference #: 1998661."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Denial of Service"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "96394",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/96394"
},
{
"name": "http://www.ibm.com/support/docview.wss?uid=swg21998661",
"refsource": "CONFIRM",
"url": "http://www.ibm.com/support/docview.wss?uid=swg21998661"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "9a959283-ebb5-44b6-b705-dcc2bbced522",
"assignerShortName": "ibm",
"cveId": "CVE-2016-3013",
"datePublished": "2017-02-22T19:00:00",
"dateReserved": "2016-03-09T00:00:00",
"dateUpdated": "2024-08-05T23:40:15.140Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2016-0360 (GCVE-0-2016-0360)
Vulnerability from nvd – Published: 2017-02-15 19:00 – Updated: 2024-08-05 22:15
VLAI?
Summary
IBM Websphere MQ JMS 7.0.1, 7.1, 7.5, 8.0, and 9.0 client provides classes that deserialize objects from untrusted sources which could allow a malicious user to execute arbitrary Java code by adding vulnerable classes to the classpath. IBM Reference #: 1983457.
Severity ?
No CVSS data available.
CWE
- Gain Access
Assigner
References
| URL | Tags | ||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| IBM Corporation | WebSphere MQ |
Affected:
7.0.1
Affected: 7.1 Affected: 7.5 Affected: 8.0 Affected: 9.0 |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-05T22:15:24.270Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "95317",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/95317"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21983457"
},
{
"name": "1037561",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/id/1037561"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "WebSphere MQ",
"vendor": "IBM Corporation",
"versions": [
{
"status": "affected",
"version": "7.0.1"
},
{
"status": "affected",
"version": "7.1"
},
{
"status": "affected",
"version": "7.5"
},
{
"status": "affected",
"version": "8.0"
},
{
"status": "affected",
"version": "9.0"
}
]
}
],
"datePublic": "2017-02-15T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "IBM Websphere MQ JMS 7.0.1, 7.1, 7.5, 8.0, and 9.0 client provides classes that deserialize objects from untrusted sources which could allow a malicious user to execute arbitrary Java code by adding vulnerable classes to the classpath. IBM Reference #: 1983457."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Gain Access",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-07-26T09:57:01",
"orgId": "9a959283-ebb5-44b6-b705-dcc2bbced522",
"shortName": "ibm"
},
"references": [
{
"name": "95317",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/95317"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21983457"
},
{
"name": "1037561",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/id/1037561"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "psirt@us.ibm.com",
"ID": "CVE-2016-0360",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "WebSphere MQ",
"version": {
"version_data": [
{
"version_value": "7.0.1"
},
{
"version_value": "7.1"
},
{
"version_value": "7.5"
},
{
"version_value": "8.0"
},
{
"version_value": "9.0"
}
]
}
}
]
},
"vendor_name": "IBM Corporation"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "IBM Websphere MQ JMS 7.0.1, 7.1, 7.5, 8.0, and 9.0 client provides classes that deserialize objects from untrusted sources which could allow a malicious user to execute arbitrary Java code by adding vulnerable classes to the classpath. IBM Reference #: 1983457."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Gain Access"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "95317",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/95317"
},
{
"name": "http://www-01.ibm.com/support/docview.wss?uid=swg21983457",
"refsource": "CONFIRM",
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21983457"
},
{
"name": "1037561",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1037561"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "9a959283-ebb5-44b6-b705-dcc2bbced522",
"assignerShortName": "ibm",
"cveId": "CVE-2016-0360",
"datePublished": "2017-02-15T19:00:00",
"dateReserved": "2015-12-08T00:00:00",
"dateUpdated": "2024-08-05T22:15:24.270Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}