IBM WebSphere MQ contains a vulnerability in which authentication is bypassed by MQTT clients with the “JAASConfig” configuration property set.
CVE ID: CVE-2014-6116
IBM WebSphere MQ contains a vulnerability in which authentication is bypassed by MQTT clients with the “JAASConfig” configuration property set.
CVSS Base Score: 4.3
CVSS Temporal Score: See <https://exchange.xforce.ibmcloud.com/vulnerabilities/96213> for the current score
CVSS Environmental Score*: Undefined
CVSS Vector: (AV:N/AC:M/Au:N/C:N/I:P/A:N)
.
IBM WebSphere MQ Telemetry Component
Remove fix pack WebSphere MQ 8.0.0.1 (Level: p000-001-L140910), then install the latest version of WebSphere MQ 8.0.0.1 fix pack.
CPE | Name | Operator | Version |
---|---|---|---|
websphere mq | eq | 8.0.0.1 |