CVE-2016-0360

2017-02-1519:00:00

ibm

www.cve.org

AI Score

9.7

Confidence

High

EPSS

0.004

Percentile

75.1%

JSON

IBM Websphere MQ JMS 7.0.1, 7.1, 7.5, 8.0, and 9.0 client provides classes that deserialize objects from untrusted sources which could allow a malicious user to execute arbitrary Java code by adding vulnerable classes to the classpath. IBM Reference #: 1983457.

CNA Affected

[
  {
    "product": "WebSphere MQ",
    "vendor": "IBM Corporation",
    "versions": [
      {
        "status": "affected",
        "version": "7.0.1"
      },
      {
        "status": "affected",
        "version": "7.1"
      },
      {
        "status": "affected",
        "version": "7.5"
      },
      {
        "status": "affected",
        "version": "8.0"
      },
      {
        "status": "affected",
        "version": "9.0"
      }
    ]
  }
]