Lucene search
K

IBM MQ Unsupported Version Detection (credentialed check)

🗓️ 01 May 2017 00:00:00Reported by TenableType 
nessus
 nessus
🔗 www.tenable.com👁 254 Views

IBM MQ Unsupported Version Detection (credentialed check). Checks the version of IBM MQ. Lack of support implies that no new security patches for the product will be released by the vendor. It is likely to contain security vulnerabilities

Refs
Code
##
# (C) Tenable Network Security, Inc.
##

include('compat.inc');

if (description)
{
  script_id(99907);
  script_version("1.9");
  script_set_attribute(attribute:"plugin_modification_date", value:"2026/04/22");

  script_xref(name:"IAVA", value:"0001-A-0539");

  script_name(english:"IBM MQ Unsupported Version Detection (credentialed check)");
  script_summary(english:"Checks the version of IBM MQ.");

  script_set_attribute(attribute:"synopsis", value:
"A message queuing application installed on the remote host is no
longer supported.");
  script_set_attribute(attribute:"description", value:
"According to its self-reported version number, the installation of
IBM MQ (formerly IBM WebSphere MQ) on the remote Windows host is no
longer supported.

Lack of support implies that no new security patches for the product
will be released by the vendor. As a result, it is likely to contain
security vulnerabilities.");
  script_set_attribute(attribute:"see_also", value:"https://www.ibm.com/docs/en/ibm-mq");
  script_set_attribute(attribute:"see_also", value:"https://www.ibm.com/support/home/pages/lifecycle/?from=index_w");
  script_set_attribute(attribute:"see_also", value:"https://www.ibm.com/support/pages/node/288503");
  # https://www.ibm.com/support/pages/announcement-end-support-ibm-mq-80-and-ibm-mq-appliance-m2000
  script_set_attribute(attribute:"see_also", value:"http://www.nessus.org/u?029d397b");
  script_set_attribute(attribute:"see_also", value:"https://www.ibm.com/support/pages/announcement-end-support-ibm-mq-90");
  script_set_attribute(attribute:"solution", value:
"Upgrade to a version of IBM MQ that is currently supported.");
  script_set_cvss_base_vector("CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C");
  script_set_cvss3_base_vector("CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H");
  script_set_attribute(attribute:"cvss_score_source", value:"manual");
  script_set_attribute(attribute:"cvss_score_rationale", value:"Default unsupported software score.");

  script_set_attribute(attribute:"plugin_publication_date", value:"2017/05/01");

  script_set_attribute(attribute:"plugin_type", value:"local");
  script_set_attribute(attribute:"cpe", value:"cpe:/a:ibm:websphere_mq");
  script_set_attribute(attribute:"unsupported_by_vendor", value:"true");
  script_end_attributes();

  script_category(ACT_GATHER_INFO);
  script_family(english:"Windows");

  script_copyright(english:"This script is Copyright (C) 2017-2026 Tenable Network Security, Inc.");

  script_dependencies("websphere_mq_installed.nasl");
  script_require_keys("installed_sw/IBM WebSphere MQ", "SMB/Registry/Enumerated");

  exit(0);
}

include('install_func.inc');

get_kb_item_or_exit("SMB/Registry/Enumerated");

var appname = 'IBM WebSphere MQ';
var eol_date = '';
var eol_url  = '';

# Note that versions of X.Y.0 are LTS
# Cleaner structure: array of version records
var eol_data = [
  {
    'version_regex': "^[0-6]($|[^0-9])",
    'eol_date': '2015/09/30',
    'eol_url': 'n/a'
  },
  {
    'version_regex': "^7\.0($|[^0-9])",
    'eol_date': '2015/09/30',
    'eol_url': 'https://www.ibm.com/common/ssi/cgi-bin/ssialias?infotype=AN&subtype=CA&appname=gpateam&supplier=897&letternum=ENUS914-067&pdf=yes'
  },
  {
    'version_regex': "^7\.0\.1($|[^0-9])",
    'eol_date': '2015/09/30',
    'eol_url': 'https://www.ibm.com/common/ssi/cgi-bin/ssialias?infotype=AN&subtype=CA&appname=gpateam&supplier=897&letternum=ENUS914-067&pdf=yes'
  },
  {
    'version_regex': "^7\.1($|[^0-9])",
    'eol_date': '2017/04/30',
    'eol_url': 'https://www.ibm.com/common/ssi/cgi-bin/ssialias?infotype=AN&subtype=CA&appname=gpateam&supplier=897&letternum=ENUS914-072&pdf=yes'
  },
  {
    'version_regex': "^7\.5($|[^0-9])",
    'eol_date': '2018/04/30',
    'eol_url': 'http://www.ibm.com/common/ssi/cgi-bin/ssialias?infotype=AN&subtype=CA&appname=gpateam&supplier=897&letternum=ENUS916-117&pdf=yes'
  },
  {
    'version_regex': "^8($|[^0-9])",
    'eol_date': '2020/04/30',
    'eol_url': 'https://www.ibm.com/support/pages/lifecycle/details/?q45=H933160D05114R54~C445939F66552L21'
  },
  {
    'version_regex': "^9\.0($|[^0-9])",
    'eol_date': '2021/09/30',
    'eol_url': 'https://www.ibm.com/downloads/cas/US-ENUS920-045-CA/name/US-ENUS920-045-CA.PDF',
    'lts_version_regex': "^9\.0\.0($|[^0-9])",
    'extended_eol_date': '2025/09/30'
  },
  {
    'version_regex': "^9\.1($|[^0-9])",
    'eol_date': '2023/09/30',
    'eol_url': 'https://www.ibm.com/support/pages/lifecycle/details/?q45=H933160D05114R54~C445939F66552L21',
    'lts_version_regex': "^9\.1\.0($|[^0-9])",
    'extended_eol_date': '2027/09/30'
  },
  {
    'version_regex': "^9\.2($|[^0-9])",
    'eol_date': '2025/09/30',
    'eol_url': 'https://www.ibm.com/support/pages/node/6244104',
    'lts_version_regex': "^9\.2\.0($|[^0-9])",
    'extended_eol_date': '2029/09/30',
    'extended_eol_url': 'https://www.ibm.com/support/pages/node/6244104'
  }
];

var install = get_single_install(app_name:appname, exit_if_unknown_ver:TRUE);
var report, regex, port, now_as_unixtime, eol_as_unixtime, eeol_as_unixtime, flag;
var path = install['path'];
var version = install['version'];
var ver = pregmatch(string:version, pattern:"^([0-9.]+)");
var currently_supported = "9.3 and later";
var currently_unsupported_cutoff = "9.3";

if (!empty_or_null(install['port']))
  exit(0, appname + ' installation listening on port ' + install['port'] + ' was detected remotely and will not be checked by this plugin.');

if(empty_or_null(ver))
  audit(AUDIT_UNKNOWN_APP_VER, appname);
else
  ver = ver[1];

dbg::detailed_log(msg:"Version extracted", lvl:2, msg_details:{
  'ver': {lvl:3, value:ver}
});

if (ver_compare(ver:ver, fix:currently_unsupported_cutoff, strict:FALSE) >= 0)
  audit(AUDIT_INST_PATH_NOT_VULN, appname, ver, path);

if (get_kb_item('TEST/move_time_to_test_value'))
  now_as_unixtime = get_kb_item('TEST/move_time_to_test_value');
else
  now_as_unixtime = unixtime();

foreach var entry (eol_data)
{
  dbg::detailed_log(msg:"Checking EOL entry", lvl:2, msg_details:{
    'ver': {lvl:3, value:ver},
    'version_regex': {lvl:3, value:entry['version_regex']}
  });
  if (ver !~ entry['version_regex']) continue;

  dbg::detailed_log(msg:"Version matches entry, checking EOL date", lvl:2, msg_details:{
    'ver': {lvl:3, value:ver},
    'eol_date': {lvl:3, value:entry['eol_date']}
  });
  # Check if base version is past EOL
  eol_as_unixtime = datetime::to_unixtime(
    datestr:entry['eol_date'],
    format:'yyyy/mm/dd');

  if (eol_as_unixtime > now_as_unixtime)
  {
    dbg::detailed_log(msg:"EOL date not yet reached", lvl:2, msg_details:{
      'eol_date': {lvl:3, value:entry['eol_date']},
      'eol_as_unixtime': {lvl:3, value:eol_as_unixtime},
      'now_as_unixtime': {lvl:3, value:now_as_unixtime}
    });
    continue;
  }

  dbg::detailed_log(msg:"Version is past EOL date", lvl:2, msg_details:{
    'ver': {lvl:3, value:ver},
    'eol_date': {lvl:3, value:entry['eol_date']}
  });

  # Default: version is EOL
  flag = TRUE;
  eol_date = entry['eol_date'];
  eol_url = entry['eol_url'];

  # Check if this is an LTS version with extended support
  if (!empty_or_null(entry['lts_version_regex']) &&
      ver =~ entry['lts_version_regex'])
  {
    dbg::detailed_log(msg:"Checking LTS version with extended support", lvl:2, msg_details:{
      'ver': {lvl:3, value:ver},
      'lts_version_regex': {lvl:3, value:entry['lts_version_regex']},
      'extended_eol_date': {lvl:3, value:entry['extended_eol_date']}
    });
    eeol_as_unixtime = datetime::to_unixtime(
      datestr:entry['extended_eol_date'],
      format:'yyyy/mm/dd');

    eol_date = entry['extended_eol_date'];
    if (!empty_or_null(entry['extended_eol_url']))
      eol_url = entry['extended_eol_url'];

    # Still under extended support (unless paranoid scan)
    if (eeol_as_unixtime > now_as_unixtime && report_paranoia < 2)
    {
      dbg::detailed_log(msg:"LTS version still under extended support", lvl:2, msg_details:{
        'ver': {lvl:3, value:ver},
        'extended_eol_date': {lvl:3, value:entry['extended_eol_date']},
        'report_paranoia': {lvl:3, value:report_paranoia}
      });
      flag = FALSE;
      break;
    }
    else
    {
      dbg::detailed_log(msg:"LTS version past extended support or paranoid scan", lvl:2, msg_details:{
        'ver': {lvl:3, value:ver},
        'extended_eol_date': {lvl:3, value:entry['extended_eol_date']},
        'eeol_as_unixtime': {lvl:3, value:eeol_as_unixtime},
        'now_as_unixtime': {lvl:3, value:now_as_unixtime},
        'report_paranoia': {lvl:3, value:report_paranoia}
      });
    }
  }
  break; # Found matching entry, no need to continue
}

if (!flag) audit(AUDIT_INST_PATH_NOT_VULN, appname, ver, path);

dbg::detailed_log(msg:"Version confirmed unsupported", lvl:2, msg_details:{
  'ver': {lvl:3, value:ver},
  'eol_date': {lvl:3, value:eol_date}
});

# finding exists at this point
register_unsupported_product(product_name:"IBM WebSphere MQ",
                             cpe_base:"ibm:websphere_mq", version:version);

port = get_kb_item("SMB/transport");
if (!port) port = 445;

report =
  '\n  Path               : ' + path +
  '\n  Installed version  : ' + version +
  '\n  Supported versions : ' + currently_supported +
  '\n  EOL Date           : ' + eol_date +
  '\n  EOL URL            : ' + eol_url +
  '\n';
security_report_v4(port:port, severity:SECURITY_HOLE, extra:report);

Data

Build on a solid foundation with Vulners data

We provide the essential building blocks for cybersecurity solutions with comprehensive, structured, and constantly updated vulnerability and exploits data

Api

Power your application with Vulners API

The Vulners REST API offers reliable, high-performance access to vulnerability intelligence, with 99.9% SLA uptime and CDN-backed data delivery for seamless global access

App

Assess and manage vulnerabilities with Vulners tools

Built on top of Vulners' database and SDK, end-user solutions give security professionals and developers lightweight and powerful tools for vulnerability remediation

22 Apr 2026 00:00Current
5.8Medium risk
Vulners AI Score5.8
254