← Back

CVE-2015-0118

nvd nist
Published: Jun 28, 2015Modified: May 6, 2026

JSON object

Loading...
4.3
Vector
AV:N/AC:M/Au:N/C:P/I:N/A:N
Exploitability: 8.6 / Impact: 2.9
Source: NVD

Description

IBM WebSphere Message Broker Toolkit 7 before 7007 IF2 and 8 before 8005 IF1 and Integration Toolkit 9 before 9003 IF1 are distributed with MQ client JAR files that support only weak TLS ciphers, which might make it easier for remote attackers to obtain sensitive information by sniffing the network during a connection to an Integration Bus node.

Affected (16)

Ibm
2 products
Websphere Message Broker
Integration Bus
Configuration A
12 vulnerable
Vulnerable SoftwareAffected Versions
Ibm
Websphere Message Broker
Version 7.0.0.1
Websphere Message Broker
Version 7.0.0.2
Websphere Message Broker
Version 7.0.0.3
Websphere Message Broker
Version 7.0.0.4
Websphere Message Broker
Version 7.0.0.5
Websphere Message Broker
Version 7.0.
Websphere Message Broker
Version 8.0.0.1
Websphere Message Broker
Version 8.0.0.2
Websphere Message Broker
Version 8.0.0.3
Websphere Message Broker
Version 8.0.0.4
Websphere Message Broker
Version 8.0.0.5
Websphere Message Broker
Version 8.0
Configuration B
4 vulnerable
Vulnerable SoftwareAffected Versions
Ibm
Integration Bus
Version 9.0.0.1
Integration Bus
Version 9.0.0.2
Integration Bus
Version 9.0.0.3
Integration Bus
Version 9.0

Related CWEs

CWE-310
CWE-310

References (4)

Source: psirt@us.ibm.com
Source: psirt@us.ibm.com
Vendor Advisory
Source: af854a3a-2127-422b-91ae-364da2661108
Source: af854a3a-2127-422b-91ae-364da2661108
Vendor Advisory

Timeline

No history available yet.