CVE-2016-8986

Published: Feb 22, 2017Modified: May 13, 2026

6.5

Vector

CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H

Exploitability: 2.8 / Impact: 3.6

Source: NVD

Description

IBM WebSphere MQ 8.0 could allow an authenticated user with access to the queue manager to bring down MQ channels using specially crafted HTTP requests. IBM Reference #: 1998648.

Affected (7)

Products: Ibm: Websphere Mq

Ibm

1 product

Websphere Mq

Configuration A

7 vulnerable

Vulnerable Software	Affected Versions
Ibm Websphere Mq	Version 8.0.0.0
Ibm Websphere Mq	Version 8.0.0.1
Ibm Websphere Mq	Version 8.0.0.2
Ibm Websphere Mq	Version 8.0.0.3
Ibm Websphere Mq	Version 8.0.0.4
Ibm Websphere Mq	Version 8.0.0.5
Ibm Websphere Mq	Version 8.0

Related CWEs

CWE-284

Improper Access Control

The product does not restrict or incorrectly restricts access to a resource from an unauthorized actor.

References (4)

http://www.ibm.com/support/docview.wss?uid=swg21998648

Source: psirt@us.ibm.com

PatchVendor Advisory

http://www.securityfocus.com/bid/96412

Source: psirt@us.ibm.com

http://www.ibm.com/support/docview.wss?uid=swg21998648

Source: af854a3a-2127-422b-91ae-364da2661108

PatchVendor Advisory

http://www.securityfocus.com/bid/96412

Source: af854a3a-2127-422b-91ae-364da2661108

Timeline

No history available yet.