This script is Copyright (C) 2012-2015 Tenable Network Security, Inc.
The remote Windows host has a service installed that does not encrypt
usernames and passwords submitted to web pages.
The IBM WebSphere MQ server installed on the remote Windows host is
version 6.x prior to 188.8.131.52 or version 7.x prior to 184.108.40.206. It is,
therefore, affected by a security weakness where usernames and
passwords are sent as cleartext in parameter fields, thus allowing a
remote attacker to obtain sensitive information by sniffing the
See also :
Upgrade to WebSphere MQ 220.127.116.11 / 18.104.22.168 or later.
Risk factor :
Medium / CVSS Base Score : 4.3
CVSS Temporal Score : 3.2
Public Exploit Available : false