Lucene search

[email protected]CVE-2016-0379

HistorySep 26, 2016 - 4:59 a.m.

CVE-2016-0379

2016-09-2604:59:00

CWE-19

[email protected]

web.nvd.nist.gov

ibm

websphere

7.5

8.0

protocol

mishandling

dos

3.1 Low

CVSS3

Attack Vector

NETWORK

Attack Complexity

HIGH

Privileges Required

LOW

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

LOW

CVSS:3.0/AV:N/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:L

4.4 Medium

AI Score

Confidence

High

3.5 Low

CVSS2

Access Vector

NETWORK

Access Complexity

MEDIUM

Authentication

SINGLE

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

PARTIAL

AV:N/AC:M/Au:S/C:N/I:N/A:P

0.001 Low

EPSS

Percentile

41.2%

JSON

IBM WebSphere MQ 7.5 before 7.5.0.7 and 8.0 before 8.0.0.5 mishandles protocol flows, which allows remote authenticated users to cause a denial of service (channel outage) by leveraging queue-manager rights.

CPENameOperatorVersion
ibm:websphere_mqibm websphere mqeq7.5.0.1
ibm:websphere_mqibm websphere mqeq8.0.0.3
ibm:websphere_mqibm websphere mqeq8.0
ibm:websphere_mqibm websphere mqeq7.5.0.2
ibm:websphere_mqibm websphere mqeq7.5.0.3
ibm:websphere_mqibm websphere mqeq7.5.0.5
ibm:websphere_mqibm websphere mqeq8.0.0.2
ibm:websphere_mqibm websphere mqeq7.5.0.6
ibm:websphere_mqibm websphere mqeq7.5
ibm:websphere_mqibm websphere mqeq7.5.0.4

CPE	Name	Operator	Version
ibm:websphere_mq	ibm websphere mq	eq	7.5.0.1
ibm:websphere_mq	ibm websphere mq	eq	8.0.0.3
ibm:websphere_mq	ibm websphere mq	eq	8.0
ibm:websphere_mq	ibm websphere mq	eq	7.5.0.2
ibm:websphere_mq	ibm websphere mq	eq	7.5.0.3
ibm:websphere_mq	ibm websphere mq	eq	7.5.0.5
ibm:websphere_mq	ibm websphere mq	eq	8.0.0.2
ibm:websphere_mq	ibm websphere mq	eq	7.5.0.6
ibm:websphere_mq	ibm websphere mq	eq	7.5
ibm:websphere_mq	ibm websphere mq	eq	7.5.0.4

Rows per page:

1-10 of 121

References

www-01.ibm.com/support/docview.wss?uid=swg21984565

www.securityfocus.com/bid/93146

3.1 Low

CVSS3

Attack Vector

NETWORK

Attack Complexity

HIGH

Privileges Required

LOW

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

LOW

CVSS:3.0/AV:N/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:L

4.4 Medium

AI Score

Confidence

High

3.5 Low

CVSS2

Access Vector

NETWORK

Access Complexity

MEDIUM

Authentication

SINGLE

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

PARTIAL

AV:N/AC:M/Au:S/C:N/I:N/A:P

0.001 Low

EPSS

Percentile

41.2%

JSON

Related for CVE-2016-0379

cvelist1 prion1 nessus1 ibm2 openvas1