IBM Websphere MQ MCAUSER Bypass
- Published: 28 Mar 2008
- Type: Websphere MQ MCAUSER Setting Bypass Vulnerability
- Severity: High
Affected Products
Websphere MQ
CVE
CVE-2008-1130
The Websphere MQ service can be used to transfer messages between systems and applications. It is possible to lock down access to channels by setting an invalid MCAUSER. A method of bypassing this authorisation control has been discovered which would enable unauthorised access to be gained.
The vendor has released a fix for this vulnerability and download details are available within the advisory.