Note:
This project will be discontinued after December 13, 2021. [more]
Product:
Websphere_mq
(Ibm)| Repositories |
Unknown: This might be proprietary software. |
| #Vulnerabilities | 89 |
| Date | Id | Summary | Products | Score | Patch | Annotated |
|---|---|---|---|---|---|---|
| 2020-06-16 | CVE-2020-4310 | IBM MQ and MQ Appliance 7.1, 7.5, 8.0, 9.0 LTS, 9.1 LTS, and 9.1 C are vulnerable to a denial of service attack due to an error within the Data Conversion logic. IBM X-Force ID: 177081. | Mq, Websphere_mq | N/A | ||
| 2020-03-16 | CVE-2019-4719 | IBM MQ and IBM MQ Appliance 7.1, 7.5, 8.0, 9.0 LTS, 9.1 LTS, and 9.1 CD could allow a local attacker to obtain sensitive information by inclusion of sensitive data within runmqras data. | Mq, Mq_appliance, Websphere_mq | N/A | ||
| 2020-03-16 | CVE-2019-4619 | IBM MQ and IBM MQ Appliance 7.1, 7.5, 8.0, 9.0 LTS, 9.1 LTS, and 9.1 CD could allow a local attacker to obtain sensitive information by inclusion of sensitive data within trace. IBM X-Force ID: 168862. | Mq, Mq_appliance, Websphere_mq | N/A | ||
| 2020-01-23 | CVE-2012-4863 | IBM WebSphere MQ 7.1 and 7.5: Queue manager has a DoS vulnerability | Websphere_mq | N/A | ||
| 2019-03-11 | CVE-2018-1974 | IBM WebSphere 8.0.0.0 through 9.1.1 could allow an authenticated attacker to escalate their privileges when using multiplexed channels. IBM X-Force ID: 153915. | Websphere_mq | 7.5 | ||
| 2019-04-15 | CVE-2018-1925 | IBM WebShere MQ 9.1.0.0, 9.1.0.1, 9.1.1 uses weaker than expected cryptographic algorithms that could allow an attacker to decrypt highly sensitive information. IBM X-Force ID: 152925. | Websphere_mq | 5.9 | ||
| 2018-11-13 | CVE-2018-1792 | IBM WebSphere MQ 8.0.0.0 through 8.0.0.10, 9.0.0.0 through 9.0.0.5, 9.0.1 through 9.0.5, and 9.1.0.0 could allow a local user to inject code that could be executed with root privileges. IBM X-Force ID: 148947. | Websphere_mq | 7.8 | ||
| 2018-08-06 | CVE-2018-1551 | IBM WebSphere MQ 8.0.0.2 through 8.0.0.8 and 9.0.0.0 through 9.0.0.3 could allow users to have more authority than they should have if an MQ administrator creates an invalid user group name. IBM X-Force ID: 142888. | Websphere_mq | 7.5 | ||
| 2018-06-27 | CVE-2018-1543 | IBM WebSphere MQ 8.0 and 9.0 could allow a remote attacker to obtain sensitive information, caused by the failure to properly validate the SSL certificate. An attacker could exploit this vulnerability to obtain sensitive information using man in the middle techniques. IBM X-Force ID: 142598. | Websphere_mq | 5.9 | ||
| 2018-07-23 | CVE-2018-1503 | IBM WebSphere MQ 7.5, 8.0, and 9.0 could allow a remotely authenticated attacker to to send invalid or malformed headers that could cause messages to no longer be transmitted via the affected channel. IBM X-Force ID: 141339. | Websphere_mq | 4.3 |