Ibm: >> Websphere Mq >> 8.0.0.6 Security Vulnerabilities
IBM WebSphere MQ 8.0 and 9.0, when configured to use a PAM module for authentication, could allow a user to cause a deadlock in the IBM MQ PAM code which could result in a denial of service. IBM X-Force ID: 138949.
CVSS Score
3.7
EPSS Score
0.009
Published
2018-06-15
IBM WebSphere MQ 8.0 through 8.0.0.8 and 9.0 through 9.0.4 under special circumstances could allow an authenticated user to consume all resources due to a memory leak resulting in service loss. IBM X-Force ID: 136975.
CVSS Score
5.3
EPSS Score
0.003
Published
2018-04-23
IBM WebSphere MQ 7.0, 7.1, 7.5, 8.0, and 9.0 service trace module could be used to execute untrusted code under 'mqm' user. IBM X-Force ID: 132953.
CVSS Score
7.8
EPSS Score
0.001
Published
2018-01-09
IBM MQ Managed File Transfer Agent 8.0 and 9.0 sets insecure permissions on certain files it creates. A local attacker could exploit this vulnerability to modify or delete data contained in the files with an unknown impact. IBM X-Force ID: 134391.
CVSS Score
3.3
EPSS Score
0.0
Published
2018-01-04
IBM WebSphere MQ 8.0 and 9.0 could allow an authenticated user with authority to send a specially crafted request that could cause a channel process to cease processing further requests. IBM X-Force ID: 131547.
CVSS Score
4.3
EPSS Score
0.004
Published
2018-01-02
IBM WebSphere MQ 7.5, 8.0, and 9.0 could allow a local user to crash the queue manager agent thread and expose some sensitive information. IBM X-Force ID: 126454.
CVSS Score
7.1
EPSS Score
0.0
Published
2017-12-11
IBM WebSphere MQ 8.0 and 9.0 could allow, under special circumstances, an unauthorized user to access an object which they should have been denied access. IBM X-Force ID: 126456.
CVSS Score
3.7
EPSS Score
0.002
Published
2017-12-07
IBM WebSphere MQ 7.5, 8.0, and 9.0 could allow an authenticated user to insert messages with a corrupt RFH header into the channel which would cause it to restart. IBM X-Force ID: 127803.
CVSS Score
6.5
EPSS Score
0.004
Published
2017-12-07
IBM WebSphere MQ 8.0 and 9.0 could allow an authenticated user to cause a shared memory leak by MQ applications using dynamic queues, which can lead to lack of resources for other MQ applications. IBM X-Force ID: 125144.
CVSS Score
4.3
EPSS Score
0.003
Published
2017-11-27
IBM WebSphere MQ 8.0 could allow an authenticated user to cause a premature termination of a client application thread which could potentially cause denial of service. IBM X-Force ID: 123914.
CVSS Score
6.5
EPSS Score
0.004
Published
2017-09-25