IBM WebSphere MQ 7.1

CPE Details

IBM WebSphere MQ 7.1
ibm
websphere_mq
7.1
2012-08-30
11h55 +00:00
2012-09-21
18h22 +00:00
CPE NVD
Alerte pour un CPE
Restez informé de toutes modifications pour un CPE spécifique.
Gestion des notifications

CPE Name: cpe:2.3:a:ibm:websphere_mq:7.1:*:*:*:*:*:*:*

Informations

Vendor

ibm

Product

websphere_mq

Version

7.1

Related CVE

Open and find in CVE List

CVE ID Publié Description Score Gravité
CVE-2012-2201 2020-08-27 10h35 +00:00 IBM WebSphere MQ 7.1 is vulnerable to a denial of service, caused by an error when handling user ids. A remote attacker could exploit this vulnerability to bypass the security configuration setup on a SVRCONN channel and flood the queue manager.
7.5
Haute
CVE-2020-4310 2020-06-16 13h45 +00:00 IBM MQ and MQ Appliance 7.1, 7.5, 8.0, 9.0 LTS, 9.1 LTS, and 9.1 C are vulnerable to a denial of service attack due to an error within the Data Conversion logic. IBM X-Force ID: 177081.
7.5
Haute
CVE-2018-1374 2018-06-26 20h00 +00:00 An IBM WebSphere MQ (Maintenance levels 7.1.0.0 - 7.1.0.9, 7.5.0.0 - 7.5.0.8, 8.0.0.0 - 8.0.0.8, 9.0.0.0 - 9.0.0.2, and 9.0.0 - 9.0.4) client connecting to a Queue Manager could cause a SIGSEGV in the Channel process amqrmppa. IBM X-Force ID: 137775.
6.5
Moyen
CVE-2016-3013 2017-02-22 18h00 +00:00 IBM WebSphere MQ 8.0 could allow an authenticated user to crash the MQ channel due to improper data conversion handling. IBM Reference #: 1998661.
6.5
Moyen
CVE-2016-3052 2017-02-22 18h00 +00:00 Under non-standard configurations, IBM WebSphere MQ might send password data in clear text over the network. This data could be intercepted using man in the middle techniques.
5.9
Moyen
CVE-2015-0176 2015-04-26 23h00 +00:00 Cross-site scripting (XSS) vulnerability in MQ XR WebSockets Listener in WMQ Telemetry in IBM WebSphere MQ 8.0 before 8.0.0.2 allows remote attackers to inject arbitrary web script or HTML via a crafted URI that is included in an error response.
4.3
CVE-2014-4771 2015-02-13 01h00 +00:00 IBM WebSphere MQ 7.0.1 before 7.0.1.13, 7.1 before 7.1.0.6, 7.5 before 7.5.0.5, and 8 before 8.0.0.1 allows remote authenticated users to cause a denial of service (queue-slot exhaustion) by leveraging PCF query privileges for a crafted query.
3.5
CVE-2014-0911 2014-05-07 08h00 +00:00 inetd in IBM WebSphere MQ 7.1.x before 7.1.0.5 and 7.5.x before 7.5.0.4 allows remote attackers to cause a denial of service (disk or CPU consumption) via unspecified vectors.
4.3
CVE-2013-3028 2013-07-02 19h00 +00:00 Multiple buffer overflows in mqm programs in IBM WebSphere MQ 7.0.x before 7.0.1.11, 7.1.x before 7.1.0.3, and 7.5.x before 7.5.0.2 on non-Windows platforms allow local users to gain privileges via unspecified vectors.
4.6
CVE-2012-2199 2012-09-25 18h00 +00:00 The server message channel agent in the queue manager in the server in IBM WebSphere MQ 7.0.1 before 7.0.1.9, 7.1, and 7.5 on Solaris allows remote attackers to cause a denial of service (invalid address alignment exception and daemon crash) via vectors involving a multiplexed channel.
5
CVE-2012-3295 2012-08-29 20h00 +00:00 IBM WebSphere MQ 7.1, when an SVRCONN channel is used, allows remote attackers to bypass the security-configuration setup step and obtain queue-manager access via unspecified vectors.
4.3