CVE-2017-1747

A specially crafted message could cause a denial of service in IBM WebSphere MQ 9.0, 9.0.0.1, 9.0.0.2, 9.0.1, 9.0.2, 9.0.3, and 9.0.4 applications consuming messages that it needs to perform data conversion on. IBM X-Force ID: 135520.
ProviderTypeBase ScoreAtk. VectorAtk. ComplexityPriv. RequiredVector
ibmCNA
5.3 MEDIUM
NETWORK
HIGH
LOW
CVSS:3.0/AV:N/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H
Base Score
CVSS 3.x
EPSS Score
Percentile: 47%
Affected Products (NVD)
VendorProductVersion
ibmwebsphere_mq
9.0
ibmwebsphere_mq
9.0.0.1
ibmwebsphere_mq
9.0.0.2
ibmwebsphere_mq
9.0.1
ibmwebsphere_mq
9.0.2
ibmwebsphere_mq
9.0.3
ibmwebsphere_mq
9.0.4
𝑥
= Vulnerable software versions
Early Detection
Affected products identified ahead of NVD analysis through intelligence sources.
VendorProductVersionSource
ibmmq
9.0
CNA
ibmmq
9.0.1
CNA
ibmmq
9.0.0.1
CNA
ibmmq
9.0.2
CNA
ibmmq
9.0.0.2
CNA
ibmmq
9.0.3
CNA
ibmmq
9.0.4
CNA
Common Weakness Enumeration
References
http://www.ibm.com/support/docview.wss?uid=swg22012992
http://www.securityfocus.com/bid/103590
https://exchange.xforce.ibmcloud.com/vulnerabilities/135520
http://www.ibm.com/support/docview.wss?uid=swg22012992
http://www.securityfocus.com/bid/103590
https://exchange.xforce.ibmcloud.com/vulnerabilities/135520