|Number of vulnerabilities||1|
|CVE ID|| CVE-2017-1557
|CWE ID|| CWE-20
|Public exploit||Not available|
|Vulnerable software versions||
IBM MQ 22.214.171.124
IBM MQ 126.96.36.199
IBM MQ 188.8.131.52
|Vendor URL||IBM Corporation|
The vulnerability allows a remote authenticated attacker to cause DoS condition on the target system.
The weakness exists due to insufficient validation of user-supplied input. A remote attacker with authority to connect to a remote queue manager can send a malicious request, cause undefined behaviour within the channel process servicing that connection, including a loss of service for other connections being serviced by the same channel process.
Successful exploitation of the vulnerability may result in denial of service.
Update to version 184.108.40.206, 220.127.116.11, 9.0.4.