IBM MQ Managed .NET Client could allow a remote attacker to obtain sensitive information, caused by the failure to properly validate the SSL certificate. An attacker could exploit this vulnerability to obtain sensitive information using man in the middle techniques
CVEID: CVE-2018-1543**
DESCRIPTION:** IBM MQ Managed .NET Client could allow a remote attacker to obtain sensitive information, caused by the failure to properly validate the SSL certificate. An attacker could exploit this vulnerability to obtain sensitive information using man in the middle techniques.
CVSS Base Score: 5.9
CVSS Temporal Score: See <https://exchange.xforce.ibmcloud.com/vulnerabilities/142598> for the current score
CVSS Environmental Score*: Undefined
CVSS Vector: (CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N)
IBM WebSphere MQ v8.0.0.0 to 8.0.0.9
IBM MQ 9.0.0.0 to 9.0.0.3 LTS release
IBM WebSphere MQ v8.0.0.0 to 8.0.0.9
Apply fix pack** **8.0.0.10
IBM MQ 9.0.0.0 to 9.0.0.3 LTS
Apply fix pack 9.0.0.4.
None