CVE-2016-8986

MEDIUM

IBM WebSphere MQ 8.0 - DoS

Title source: llm

Description

IBM WebSphere MQ 8.0 could allow an authenticated user with access to the queue manager to bring down MQ channels using specially crafted HTTP requests. IBM Reference #: 1998648.

References (2)

[Patch, Vendor Advisory] http://www.ibm.com/support/docview.wss?uid=swg21998648

[Third Party Advisory, VDB Entry] http://www.securityfocus.com/bid/96412

Scores

CVSS v3 6.5

EPSS 0.0020

EPSS Percentile 42.2%

Attack Vector NETWORK

CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H

Classification

CWE

CWE-284

Status published

Affected Products (8)

ibm/websphere_mq

IBM Corporation/WebSphere MQ < 8.0

Timeline

Published Feb 22, 2017

Tracked Since Feb 18, 2026