The IBM MQ Console is vulnerable to a man-in-the-middle attack caused by weaker than expected cryptographic algorithms.
CVEID: CVE-2018-1925
DESCRIPTION: IBM MQ uses weaker than expected cryptographic algorithms that could allow an attacker to decrypt highly sensitive information.
CVSS Base Score: 5.9
CVSS Temporal Score: See <https://exchange.xforce.ibmcloud.com/vulnerabilities/152925> for the current score
CVSS Environmental Score*: Undefined
CVSS Vector: (CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N)
IBM MQ V9.1 LTS
v9.1.0.0 - 9.1.0.1
IBM MQ V9.1 CD
v9.1.1
IBM MQ V9.1 LTS
IBM MQ V9.1 CD
Enable FIPS mode in your jvm.options file for the MQ Console by adding the following line:
-Dcom.ibm.jsse2.usefipsprovider=true
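To confirm the workaround is in effect on a host, the following added example (not IBM code) checks a version string against the affected releases listed above and reads the effective value of the property from a jvm.options file. The function names are hypothetical, the file path is supplied by the caller, and the script assumes that lines starting with # are comments, that the last duplicate of the property wins, and that only the exact value true enables the provider.

```shell
#!/bin/sh
# Added example: audit helper for the CVE-2018-1925 workaround. Not IBM code.

PROP='-Dcom.ibm.jsse2.usefipsprovider='

# Return 0 if VERSION is one of the affected releases listed in this bulletin.
affected_version() {
    case $1 in
        9.1.0.0|9.1.0.1) return 0 ;;   # IBM MQ V9.1 LTS
        9.1.1|9.1.1.*)   return 0 ;;   # IBM MQ V9.1 CD
        *)               return 1 ;;
    esac
}

# Return 0 if the effective setting of the property in FILE is "true".
# Assumptions: '#' starts a comment line, the last occurrence wins,
# and only the exact value "true" counts.
fips_enabled() {
    file=$1
    [ -r "$file" ] || return 2
    value=$(tr -d '\r' < "$file" | awk -v prop="$PROP" '
        { sub(/^[ \t]+/, ""); sub(/[ \t]+$/, "") }   # trim whitespace
        /^#/ { next }                                # skip commented lines
        index($0, prop) == 1 { v = substr($0, length(prop) + 1) }
        END { print v }')
    [ "$value" = "true" ]
}

# Print one of: not-affected, mitigated, exposed.
# "not-affected" refers only to the version list in this bulletin.
audit_mq_console() {
    version=$1
    options=$2
    if ! affected_version "$version"; then
        echo "not-affected"
    elif fips_enabled "$options"; then
        echo "mitigated"
    else
        echo "exposed"
    fi
}
```

Call it as `audit_mq_console <installed version> <path to the MQ Console jvm.options>`; a commented-out line or a later `=false` override is reported as exposed.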