Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Vulnerability Description
IBM WebSphere MQ 6.0 before 6.0.2.11 and 7.0 before 7.0.1.5 does not use the CRL Distribution Points (CDP) certificate extension, which might allow man-in-the-middle attackers to spoof an SSL partner via a revoked certificate for a (1) client, (2) queue manager, or (3) application.
CVSS Information
N/A
Vulnerability Type
N/A
Vulnerability Title
IBM WebSphere MQ CDP证书欺骗漏洞
Vulnerability Description
IBM WebSphere MQ是美国IBM公司的一款消息传递中间件产品。该产品主要为面向服务的体系结构(SOA)提供可靠的、经过验证的消息传递主干网。 IBM WebSphere MQ 6.0.2.11之前的6.0版本和7.0.1.5之前的7.0版本不使用CRL Distribution Points (CDP)证书扩展。中间人攻击者可借助客户端,队列管理员或应用程序废弃的证书欺骗SSL伙伴。
CVSS Information
N/A
Vulnerability Type
N/A