Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Vulnerability Description
IBM WebSphere MQ 8.x before 8.0.0.1 does not properly enforce CHLAUTH rules for blocking client connections in certain circumstances related to the CONNAUTH attribute, which allows remote authenticated users to bypass intended queue-manager access restrictions via unspecified vectors.
CVSS Information
N/A
Vulnerability Type
N/A
Vulnerability Title
IBM WebSphere MQ 权限许可和访问控制漏洞
Vulnerability Description
IBM WebSphere MQ是美国IBM公司的一款消息传递中间件产品。该产品主要为面向服务的体系结构(SOA)提供可靠的、经过验证的消息传递主干网。 IBM WebSphere MQ 8.0.0.0版本中存在安全漏洞,该漏洞源于CHLAUTH规则没有正确阻断客户端连接。远程攻击者可利用该漏洞绕过既定的queue-manager访问限制。
CVSS Information
N/A
Vulnerability Type
N/A