CVE-2014-4793

EPSS 0.19%
Published 02.10.2014 00:55:03
Last modified 12.04.2025 10:46:40
Source psirt@us.ibm.com
Teams watchlist Login
Open Login

IBM WebSphere MQ 8.x before 8.0.0.1 does not properly enforce CHLAUTH rules for blocking client connections in certain circumstances related to the CONNAUTH attribute, which allows remote authenticated users to bypass intended queue-manager access restrictions via unspecified vectors.

Affected products Warnungen 0 Metrics 2 CWE 0 References 5

Data is provided by the National Vulnerability Database (NVD)

Ibm ≫ Websphere Mq Version8.0.0.0

Zu dieser CVE wurde keine CISA KEV oder CERT.AT-Warnung gefunden.

EPSS Metriken
Type	Source	Score	Percentile
EPSS	FIRST.org	0.19%	0.379

CVSS Metriken
Source	Base Score	Exploit Score	Impact Score	Vector string
nvd@nist.gov	6.5	8	6.4	AV:N/AC:L/Au:S/C:P/I:P/A:P

http://www-01.ibm.com/support/docview.wss?uid=swg21685526

Patch

Vendor Advisory

https://exchange.xforce.ibmcloud.com/vulnerabilities/95208

https://nvd.nist.gov/vuln/detail/CVE-2014-4793

CVE Source (NVD)

https://cveawg.mitre.org/api/cve/CVE-2014-4793

CVE Source (JSON)

https://euvd.enisa.europa.eu/vulnerability/CVE-2014-4793

EUVD