This script is Copyright (C) 2012-2015 Tenable Network Security, Inc.
The remote Windows host has a service installed that does not encrypt
usernames and passwords submitted to web pages.
The IBM WebSphere MQ server installed on the remote Windows host is
version 6.x prior to 126.96.36.199 or version 7.x prior to 188.8.131.52. It is,
therefore, affected by a security weakness where usernames and
passwords are sent as cleartext in parameter fields, thus allowing a
remote attacker to obtain sensitive information by sniffing the
See also :
Upgrade to WebSphere MQ 184.108.40.206 / 220.127.116.11 or later.
Risk factor :
Medium / CVSS Base Score : 4.3
CVSS Temporal Score : 3.2
Public Exploit Available : false