A security vulnerability exists in the IBM Java Runtime Environment component of WebSphere MQ, a patch for this is available in IBM JRE 6.0 (SR15 FP1).
CVEID: CVE-2013-5780 DESCRIPTION: An unspecified vulnerability in IBM Java related to the Libraries component could allow a remote attacker to obtain sensitive information.
CVSS Base Score: 4.3
CVSS Temporal Score: See https://exchange.xforce.ibmcloud.com/vulnerabilities/88001 for the current score
CVSS Environmental Score*: Undefined
CVSS Vector: (AV/N:AC/M:Au/N:C/P:I/N:A/N)
IBM JRE 6 (maintenance levels older than SR15) provided by;
WebSphere MQ 7.1
Apply fix pack 7.1.0.5 when available. In the interim apply APAR IC99261
WebSphere MQ 7.5
Apply fix pack 7.5.0.3 or later
None known
CPE | Name | Operator | Version |
---|---|---|---|
websphere mq | eq | 7.5.0.2 | |
websphere mq | eq | 7.5.0.1 | |
websphere mq | eq | 7.5 | |
websphere mq | eq | 7.1.0.4 | |
websphere mq | eq | 7.1.0.3 | |
websphere mq | eq | 7.1.0.2 | |
websphere mq | eq | 7.1.0.1 | |
websphere mq | eq | 7.1 |