CVSS: 7.5EPSS: 0%CPEs: 2EXPL: 0CVE-2017-1118
https://notcve.org/view.php?id=CVE-2017-1118
02 Aug 2017 — IBM WebSphere MQ Internet Pass-Thru 2.0 and 2.1 could allow n attacker to cause the MQIPT to stop responding due to an incorrectly configured security policy. IBM X-Force ID: 121156. BM WebSphere MQ Internet Pass-Thru 2.0 y 2.1 podría permitir que un atacante haga que MQIPT deje de responder por una política de seguridad configurada incorrectamente. IBM X-Force ID: 121156. • http://www.ibm.com/support/docview.wss?uid=swg22006580 •
CVSS: 4.3EPSS: 0%CPEs: 1EXPL: 0CVE-2015-0173
https://notcve.org/view.php?id=CVE-2015-0173
28 Jun 2015 — The HTTP connection-management functionality in Internet Pass-Thru (IPT) before 2.1.0.2 in IBM WebSphere MQ, when HTTPS is disabled, does not properly generate MQIPT Session IDs, which makes it easier for remote attackers to bypass intended restrictions on MQ message data by predicting an ID value. La funcionalidad HTTP connection-management en Internet Pass-Thru (IPT) anterior a 2.1.0.2 en IBM WebSphere MQ, cuando HTTPS está deshabilitado, no genera correctamente los identificadores de las sesiones MQIPT, ... • http://www-01.ibm.com/support/docview.wss?uid=swg21699547 • CWE-17: DEPRECATED: Code •
CVSS: 7.5EPSS: 0%CPEs: 1EXPL: 0CVE-2013-5401
https://notcve.org/view.php?id=CVE-2013-5401
21 Mar 2014 — The command-port listener in IBM WebSphere MQ Internet Pass-Thru (MQIPT) 2.x before 2.1.0.1 allows remote attackers to cause a denial of service (remote-administration outage) via unspecified vectors. El listener de puerto de comando en IBM WebSphere MQ Internet Pass-Thru (MQIPT) 2.x anterior a 2.1.0.1 permite a atacantes remotos causar una denegación de servicio (interrupción de administración remota) a través de vectores no especificados. • http://www-01.ibm.com/support/docview.wss?uid=swg21666863 •