2 matches found
CVE-2015-1957
IBM WebSphere MQ is affected by a vulnerability in which messages can be disclosed via a man-in-the-middle due to duplication of message data in cleartext outside the protected payload. The affected versions are IBM WebSphere MQ 7.5.x before 7.5.0.6 and 8.0.x before 8.0.0.3. The issue arises unde...
IBM MQ 8.x < 8.0.0.3 Multiple Information Disclosure (credentialed check)
The version of IBM MQ formerly IBM WebSphere MQ 8.x installed on the remote Windows host is missing fix pack 8.0.0.3 or later. It is, therefore, affected by the following vulnerabilities : - A flaw exists in the Advanced Message Security policy when a JMS client application sends a message to the...