Multiple vulnerabilities in IBM WebSphere MQ



Published: 2018-04-17 | Updated: 2018-06-12
Risk Low
Patch available YES
Number of vulnerabilities 3
CVE-ID CVE-2017-3735
CVE-2017-3736
CVE-2017-1786
CWE-ID CWE-125
CWE-310
CWE-400
Exploitation vector Network
Public exploit N/A
Vulnerable software
Subscribe 		IBM MQ
Server applications / Other server solutions

Vendor IBM Corporation

Security Bulletin

This security bulletin contains information about 3 vulnerabilities.

1) Out-of-bounds read

EUVDB-ID: #VU8487

Risk: Low

CVSSv3.1: 3.3 [CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N/E:U/RL:W/RC:C]

CVE-ID: CVE-2017-3735

CWE-ID: CWE-125 - Out-of-bounds read

Exploit availability: No

Description

The vulnerability allows a remote attacker to perform spoofing attack.

The vulnerability exists due to one-byte out-of-bounds read when parsing an IPAddressFamily extension in an X.509 certificate. A remote attacker can disguise text display of the certificate.

Mitigation

Update to version 7.0.1, 7.1, 8.0.0.9, 9.0.0.3.

Vulnerable software versions

IBM MQ: 7.0.1 - 9.0.0.2

External links

http://www-01.ibm.com/support/docview.wss?uid=swg22013026&myns=swgws&mynp=OCSSYHRD&mynp=OCSSFKSJ&mync=E&cm_sp=swgws-_-OCSSYHRD-OCSSFKSJ-_-E


Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

2) Carry propagation issue

EUVDB-ID: #VU9109

Risk: Low

CVSSv3.1: 5.2 [CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C]

CVE-ID: CVE-2017-3736

CWE-ID: CWE-310 - Cryptographic Issues

Exploit availability: No

Description

The vulnerability allows a remote attacker to decrypt data.

The vulnerability exists due to carry propagating bug in the x86_64 Montgomery squaring procedure (bn_sqrx8x_internal). A remote attacker can decrypt encrypted data. The vulnerability affects processors that support the BMI1, BMI2 and ADX extensions like Intel Broadwell (5th generation) and later or AMD Ryzen.

Mitigation

Update to version 8.0.0.9, 9.0.0.3.

Vulnerable software versions

IBM MQ: 8.0.0.0 - 9.0.0.2

External links

http://www-01.ibm.com/support/docview.wss?uid=swg22013025&myns=swgws&mynp=OCSSYHRD&mynp=OCSSFKSJ&mync=E&cm_sp=swgws-_-OCSSYHRD-OCSSFKSJ-_-E


Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

3) Resource exhaustion

EUVDB-ID: #VU13272

Risk: Low

CVSSv3.1: 5.7 [CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C]

CVE-ID: CVE-2017-1786

CWE-ID: CWE-400 - Resource exhaustion

Exploit availability: No

Description

The vulnerability allows a remote authenticated attacker to cause DoS condition on the target system.

The vulnerability exists due to memory leak. A remote attacker can trigger resource exhaustion and cause the service to crash.

Mitigation

Update to version: 8.0.0.9, 9.0.0.3, 9.0.5.

Vulnerable software versions

IBM MQ: 8.0.0.0 - 9.0.0.2

External links

http://www-01.ibm.com/support/docview.wss?uid=swg22013023


Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote authenticated user via the Internet.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.



###SIDEBAR###