EPSS
Percentile
34.3%
IBM MQ is vulnerable to insecure session. The vulnerability exists due to an error where users are not disconnected when they logout allowing an attacker to conduct a session fixation attack.
exchange.xforce.ibmcloud.com/vulnerabilities/159352
www.ibm.com/support/pages/node/886899
www.ibm.com/support/pages/security-bulletin-ibm-mq-amqp-listeners-are-vulnerable-session-fixation-attack-cve-2019-4227