##
# (C) Tenable Network Security, Inc.
##
include('compat.inc');
if (description)
{
script_id(99907);
script_version("1.9");
script_set_attribute(attribute:"plugin_modification_date", value:"2026/04/22");
script_xref(name:"IAVA", value:"0001-A-0539");
script_name(english:"IBM MQ Unsupported Version Detection (credentialed check)");
script_summary(english:"Checks the version of IBM MQ.");
script_set_attribute(attribute:"synopsis", value:
"A message queuing application installed on the remote host is no
longer supported.");
script_set_attribute(attribute:"description", value:
"According to its self-reported version number, the installation of
IBM MQ (formerly IBM WebSphere MQ) on the remote Windows host is no
longer supported.
Lack of support implies that no new security patches for the product
will be released by the vendor. As a result, it is likely to contain
security vulnerabilities.");
script_set_attribute(attribute:"see_also", value:"https://www.ibm.com/docs/en/ibm-mq");
script_set_attribute(attribute:"see_also", value:"https://www.ibm.com/support/home/pages/lifecycle/?from=index_w");
script_set_attribute(attribute:"see_also", value:"https://www.ibm.com/support/pages/node/288503");
# https://www.ibm.com/support/pages/announcement-end-support-ibm-mq-80-and-ibm-mq-appliance-m2000
script_set_attribute(attribute:"see_also", value:"http://www.nessus.org/u?029d397b");
script_set_attribute(attribute:"see_also", value:"https://www.ibm.com/support/pages/announcement-end-support-ibm-mq-90");
script_set_attribute(attribute:"solution", value:
"Upgrade to a version of IBM MQ that is currently supported.");
script_set_cvss_base_vector("CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C");
script_set_cvss3_base_vector("CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H");
script_set_attribute(attribute:"cvss_score_source", value:"manual");
script_set_attribute(attribute:"cvss_score_rationale", value:"Default unsupported software score.");
script_set_attribute(attribute:"plugin_publication_date", value:"2017/05/01");
script_set_attribute(attribute:"plugin_type", value:"local");
script_set_attribute(attribute:"cpe", value:"cpe:/a:ibm:websphere_mq");
script_set_attribute(attribute:"unsupported_by_vendor", value:"true");
script_end_attributes();
script_category(ACT_GATHER_INFO);
script_family(english:"Windows");
script_copyright(english:"This script is Copyright (C) 2017-2026 Tenable Network Security, Inc.");
script_dependencies("websphere_mq_installed.nasl");
script_require_keys("installed_sw/IBM WebSphere MQ", "SMB/Registry/Enumerated");
exit(0);
}
include('install_func.inc');
get_kb_item_or_exit("SMB/Registry/Enumerated");
var appname = 'IBM WebSphere MQ';
var eol_date = '';
var eol_url = '';
# Note that versions of X.Y.0 are LTS
# Cleaner structure: array of version records
var eol_data = [
{
'version_regex': "^[0-6]($|[^0-9])",
'eol_date': '2015/09/30',
'eol_url': 'n/a'
},
{
'version_regex': "^7\.0($|[^0-9])",
'eol_date': '2015/09/30',
'eol_url': 'https://www.ibm.com/common/ssi/cgi-bin/ssialias?infotype=AN&subtype=CA&appname=gpateam&supplier=897&letternum=ENUS914-067&pdf=yes'
},
{
'version_regex': "^7\.0\.1($|[^0-9])",
'eol_date': '2015/09/30',
'eol_url': 'https://www.ibm.com/common/ssi/cgi-bin/ssialias?infotype=AN&subtype=CA&appname=gpateam&supplier=897&letternum=ENUS914-067&pdf=yes'
},
{
'version_regex': "^7\.1($|[^0-9])",
'eol_date': '2017/04/30',
'eol_url': 'https://www.ibm.com/common/ssi/cgi-bin/ssialias?infotype=AN&subtype=CA&appname=gpateam&supplier=897&letternum=ENUS914-072&pdf=yes'
},
{
'version_regex': "^7\.5($|[^0-9])",
'eol_date': '2018/04/30',
'eol_url': 'http://www.ibm.com/common/ssi/cgi-bin/ssialias?infotype=AN&subtype=CA&appname=gpateam&supplier=897&letternum=ENUS916-117&pdf=yes'
},
{
'version_regex': "^8($|[^0-9])",
'eol_date': '2020/04/30',
'eol_url': 'https://www.ibm.com/support/pages/lifecycle/details/?q45=H933160D05114R54~C445939F66552L21'
},
{
'version_regex': "^9\.0($|[^0-9])",
'eol_date': '2021/09/30',
'eol_url': 'https://www.ibm.com/downloads/cas/US-ENUS920-045-CA/name/US-ENUS920-045-CA.PDF',
'lts_version_regex': "^9\.0\.0($|[^0-9])",
'extended_eol_date': '2025/09/30'
},
{
'version_regex': "^9\.1($|[^0-9])",
'eol_date': '2023/09/30',
'eol_url': 'https://www.ibm.com/support/pages/lifecycle/details/?q45=H933160D05114R54~C445939F66552L21',
'lts_version_regex': "^9\.1\.0($|[^0-9])",
'extended_eol_date': '2027/09/30'
},
{
'version_regex': "^9\.2($|[^0-9])",
'eol_date': '2025/09/30',
'eol_url': 'https://www.ibm.com/support/pages/node/6244104',
'lts_version_regex': "^9\.2\.0($|[^0-9])",
'extended_eol_date': '2029/09/30',
'extended_eol_url': 'https://www.ibm.com/support/pages/node/6244104'
}
];
var install = get_single_install(app_name:appname, exit_if_unknown_ver:TRUE);
var report, regex, port, now_as_unixtime, eol_as_unixtime, eeol_as_unixtime, flag;
var path = install['path'];
var version = install['version'];
var ver = pregmatch(string:version, pattern:"^([0-9.]+)");
var currently_supported = "9.3 and later";
var currently_unsupported_cutoff = "9.3";
if (!empty_or_null(install['port']))
exit(0, appname + ' installation listening on port ' + install['port'] + ' was detected remotely and will not be checked by this plugin.');
if(empty_or_null(ver))
audit(AUDIT_UNKNOWN_APP_VER, appname);
else
ver = ver[1];
dbg::detailed_log(msg:"Version extracted", lvl:2, msg_details:{
'ver': {lvl:3, value:ver}
});
if (ver_compare(ver:ver, fix:currently_unsupported_cutoff, strict:FALSE) >= 0)
audit(AUDIT_INST_PATH_NOT_VULN, appname, ver, path);
if (get_kb_item('TEST/move_time_to_test_value'))
now_as_unixtime = get_kb_item('TEST/move_time_to_test_value');
else
now_as_unixtime = unixtime();
foreach var entry (eol_data)
{
dbg::detailed_log(msg:"Checking EOL entry", lvl:2, msg_details:{
'ver': {lvl:3, value:ver},
'version_regex': {lvl:3, value:entry['version_regex']}
});
if (ver !~ entry['version_regex']) continue;
dbg::detailed_log(msg:"Version matches entry, checking EOL date", lvl:2, msg_details:{
'ver': {lvl:3, value:ver},
'eol_date': {lvl:3, value:entry['eol_date']}
});
# Check if base version is past EOL
eol_as_unixtime = datetime::to_unixtime(
datestr:entry['eol_date'],
format:'yyyy/mm/dd');
if (eol_as_unixtime > now_as_unixtime)
{
dbg::detailed_log(msg:"EOL date not yet reached", lvl:2, msg_details:{
'eol_date': {lvl:3, value:entry['eol_date']},
'eol_as_unixtime': {lvl:3, value:eol_as_unixtime},
'now_as_unixtime': {lvl:3, value:now_as_unixtime}
});
continue;
}
dbg::detailed_log(msg:"Version is past EOL date", lvl:2, msg_details:{
'ver': {lvl:3, value:ver},
'eol_date': {lvl:3, value:entry['eol_date']}
});
# Default: version is EOL
flag = TRUE;
eol_date = entry['eol_date'];
eol_url = entry['eol_url'];
# Check if this is an LTS version with extended support
if (!empty_or_null(entry['lts_version_regex']) &&
ver =~ entry['lts_version_regex'])
{
dbg::detailed_log(msg:"Checking LTS version with extended support", lvl:2, msg_details:{
'ver': {lvl:3, value:ver},
'lts_version_regex': {lvl:3, value:entry['lts_version_regex']},
'extended_eol_date': {lvl:3, value:entry['extended_eol_date']}
});
eeol_as_unixtime = datetime::to_unixtime(
datestr:entry['extended_eol_date'],
format:'yyyy/mm/dd');
eol_date = entry['extended_eol_date'];
if (!empty_or_null(entry['extended_eol_url']))
eol_url = entry['extended_eol_url'];
# Still under extended support (unless paranoid scan)
if (eeol_as_unixtime > now_as_unixtime && report_paranoia < 2)
{
dbg::detailed_log(msg:"LTS version still under extended support", lvl:2, msg_details:{
'ver': {lvl:3, value:ver},
'extended_eol_date': {lvl:3, value:entry['extended_eol_date']},
'report_paranoia': {lvl:3, value:report_paranoia}
});
flag = FALSE;
break;
}
else
{
dbg::detailed_log(msg:"LTS version past extended support or paranoid scan", lvl:2, msg_details:{
'ver': {lvl:3, value:ver},
'extended_eol_date': {lvl:3, value:entry['extended_eol_date']},
'eeol_as_unixtime': {lvl:3, value:eeol_as_unixtime},
'now_as_unixtime': {lvl:3, value:now_as_unixtime},
'report_paranoia': {lvl:3, value:report_paranoia}
});
}
}
break; # Found matching entry, no need to continue
}
if (!flag) audit(AUDIT_INST_PATH_NOT_VULN, appname, ver, path);
dbg::detailed_log(msg:"Version confirmed unsupported", lvl:2, msg_details:{
'ver': {lvl:3, value:ver},
'eol_date': {lvl:3, value:eol_date}
});
# finding exists at this point
register_unsupported_product(product_name:"IBM WebSphere MQ",
cpe_base:"ibm:websphere_mq", version:version);
port = get_kb_item("SMB/transport");
if (!port) port = 445;
report =
'\n Path : ' + path +
'\n Installed version : ' + version +
'\n Supported versions : ' + currently_supported +
'\n EOL Date : ' + eol_date +
'\n EOL URL : ' + eol_url +
'\n';
security_report_v4(port:port, severity:SECURITY_HOLE, extra:report);
Data
Build on a solid foundation with Vulners data
We provide the essential building blocks for cybersecurity solutions with comprehensive, structured, and constantly updated vulnerability and exploits data
Api
Power your application with Vulners API
The Vulners REST API offers reliable, high-performance access to vulnerability intelligence, with 99.9% SLA uptime and CDN-backed data delivery for seamless global access
App
Assess and manage vulnerabilities with Vulners tools
Built on top of Vulners' database and SDK, end-user solutions give security professionals and developers lightweight and powerful tools for vulnerability remediation