Threaded channel agents (amqrmppa) might not terminate when they are no longer required. This can lead to a denial of service through exhausting server resources.
CVEID: CVE-2017-1145**
DESCRIPTION:** IBM WebSphere MQ does not properly terminate channel agents when they are no longer needed which could allow a user to cause a denial of service through resource exhaustion.
CVSS Base Score: 8.6
CVSS Temporal Score: See https://exchange.xforce.ibmcloud.com/vulnerabilities/122198 for the current score
CVSS Environmental Score*: Undefined
CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H)
IBM WebSphere MQ V8
The only maintenance level that is affected by this vulnerability is 8.0.0.6
IBM MQ Appliance
The only maintenance level that is affected by this vulnerability is 8.0.0.6
IBM WebSphere MQ V8
Download and apply ifix IT19218
IBM MQ Appliance
Download and apply ifix IT19218
CPE | Name | Operator | Version |
---|---|---|---|
websphere mq | eq | 8.0.0.6 |