CVE-2018-1684

IBM WebSphere MQ 8.0 through 9.1 is vulnerable to a error with MQTT topic string publishing that can cause a denial of service attack. IBM X-Force ID: 145456.
ProviderTypeBase ScoreAtk. VectorAtk. ComplexityPriv. RequiredVector
ibmCNA
5.3 MEDIUM
NETWORK
HIGH
LOW
CVSS:3.0/AV:N/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H
Base Score
CVSS 3.x
EPSS Score
Percentile: 61%
Affected Products (NVD)
VendorProductVersion
ibmwebsphere_mq
8.0.0.0 ≤
𝑥
≤ 8.0.0.10
ibmwebsphere_mq
9.0.0.0 ≤
𝑥
≤ 9.0.0.5
ibmwebsphere_mq
9.0.1 ≤
𝑥
≤ 9.0.5
ibmwebsphere_mq
9.1.0.0
𝑥
= Vulnerable software versions
Early Detection
Affected products identified ahead of NVD analysis through intelligence sources.
VendorProductVersionSource
ibmmq
9.0.1
CNA
ibmmq
9.0.0.1
CNA
ibmmq
9.0.2
CNA
ibmmq
8.0.0.1
CNA
ibmmq
8.0.0.2
CNA
ibmmq
8.0.0.3
CNA
ibmmq
8.0.0.4
CNA
ibmmq
8.0.0.5
CNA
ibmmq
8.0.0.6
CNA
ibmmq
8.0.0.7
CNA
ibmmq
9.0.0.2
CNA
ibmmq
9.0.3
CNA
ibmmq
9.0.4
CNA
ibmmq
8.0.0.8
CNA
ibmmq
8.0.0.9
CNA
ibmmq
9.0.0.3
CNA
ibmmq
8.0.0.0
CNA
ibmmq
8.0.0.10
CNA
ibmmq
9.0.0.0
CNA
ibmmq
9.0.0.4
CNA
ibmmq
9.0.0.5
CNA
ibmmq
9.0.5
CNA
ibmmq
9.1.0.0
CNA
References
https://exchange.xforce.ibmcloud.com/vulnerabilities/145456
https://www.ibm.com/support/docview.wss?uid=ibm10734297
https://exchange.xforce.ibmcloud.com/vulnerabilities/145456
https://www.ibm.com/support/docview.wss?uid=ibm10734297