IBM WebSphere MQ 7.1 < 220.127.116.11 MQ SVRCONN Channels Security Configuration Bypass
Medium Nessus Plugin ID 62120
SynopsisThe remote Windows host has a service installed that is affected by a security bypass vulnerability.
DescriptionThe version of IBM WebSphere MQ server 7.1 installed on the remote Windows host is missing fix pack 18.104.22.168 or later. It is, therefore, affected by a vulnerability where client applications can bypass the security configuration setup on an MQ SVRCONN channel, allowing unauthorized users access to the queue manager.
SolutionApply fix pack 22.214.171.124 or later.