IBM MQ could allow an authenticated attacker to escalate their privileges with channels that have multiplexing enabled.
CVEID: CVE-2018-1974 DESCRIPTION: IBM MQ could allow an authenticated attacker to escalate their privileges when using multiplexed channels.
CVSS Base Score: 7.5
CVSS Temporal Score: See <https://exchange.xforce.ibmcloud.com/vulnerabilities/153915> for the current score
CVSS Environmental Score*: Undefined
CVSS Vector: (CVSS:3.0/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H)
IBM MQ v8
IBM MQ v9 LTS
IBM MQ v9.1 CD
IBM MQ v9.1 LTS
IBM MQ v8
IBM MQ v9 LTS
IBM MQ v9.1 CD
IBM MQ v9.1 LTS
Disable multiplexing on channels