CVE-2014-4771

Severity Score

3.5

*CVSS v2

Exploit Likelihood

*EPSS

Affected Versions

*CPE

Public Exploits

*Multiple Sources

Exploited in Wild

*KEV

Decision

*SSVC

Descriptions

IBM WebSphere MQ 7.0.1 before 7.0.1.13, 7.1 before 7.1.0.6, 7.5 before 7.5.0.5, and 8 before 8.0.0.1 allows remote authenticated users to cause a denial of service (queue-slot exhaustion) by leveraging PCF query privileges for a crafted query.

IBM WebSphere MQ 7.0.1 anterior a 7.0.1.13, 7.1 anterior a 7.1.0.6, 7.5 anterior a 7.5.0.5, y 8 anterior a 8.0.0.1 permite a usuarios remotos autenticados causar una denegación de servicio (agotamiento del hueco en cola) mediante el aprovechamiento de los privilegios de consultas PCF para una consulta manipulada.

*Credits: N/A

CVSS Scores

NISTv2 3.5

Attack Vector

Network

Attack Complexity

Medium

Authentication

Single

Confidentiality

None

Integrity

None

Availability

Partial

* Common Vulnerability Scoring System

SSVC

Decision:-

Exploitation

Automatable

Tech. Impact

* Organization's Worst-case Scenario

Timeline

2014-07-09 CVE Reserved
2015-02-13 CVE Published
2023-03-07 EPSS Updated
2024-08-06 CVE Updated
---------- Exploited in Wild
---------- KEV Due Date
---------- First Exploit

CWE

CWE-399: Resource Management Errors

CAPEC

References (3)

URL	Tag	Source
https://exchange.xforce.ibmcloud.com/vulnerabilities/94842	Vdb Entry

URL	Date	SRC

URL	Date	SRC
http://www-01.ibm.com/support/docview.wss?uid=swg21696120	2017-08-29

URL	Date	SRC
http://www-01.ibm.com/support/docview.wss?uid=swg1IV69190	2017-08-29

Affected Vendors, Products, and Versions

Vendor		Product				Version		Other		Status
Vendor	Product	Version	Other	Status	<-- -->	Vendor	Product	Version	Other	Status
Ibm Search vendor "Ibm"		Websphere Mq Search vendor "Ibm" for product "Websphere Mq"				7.0.1.0 Search vendor "Ibm" for product "Websphere Mq" and version "7.0.1.0"		-		Affected
Ibm Search vendor "Ibm"		Websphere Mq Search vendor "Ibm" for product "Websphere Mq"				7.0.1.1 Search vendor "Ibm" for product "Websphere Mq" and version "7.0.1.1"		-		Affected
Ibm Search vendor "Ibm"		Websphere Mq Search vendor "Ibm" for product "Websphere Mq"				7.0.1.2 Search vendor "Ibm" for product "Websphere Mq" and version "7.0.1.2"		-		Affected
Ibm Search vendor "Ibm"		Websphere Mq Search vendor "Ibm" for product "Websphere Mq"				7.0.1.3 Search vendor "Ibm" for product "Websphere Mq" and version "7.0.1.3"		-		Affected
Ibm Search vendor "Ibm"		Websphere Mq Search vendor "Ibm" for product "Websphere Mq"				7.0.1.4 Search vendor "Ibm" for product "Websphere Mq" and version "7.0.1.4"		-		Affected
Ibm Search vendor "Ibm"		Websphere Mq Search vendor "Ibm" for product "Websphere Mq"				7.0.1.5 Search vendor "Ibm" for product "Websphere Mq" and version "7.0.1.5"		-		Affected
Ibm Search vendor "Ibm"		Websphere Mq Search vendor "Ibm" for product "Websphere Mq"				7.0.1.6 Search vendor "Ibm" for product "Websphere Mq" and version "7.0.1.6"		-		Affected
Ibm Search vendor "Ibm"		Websphere Mq Search vendor "Ibm" for product "Websphere Mq"				7.0.1.7 Search vendor "Ibm" for product "Websphere Mq" and version "7.0.1.7"		-		Affected
Ibm Search vendor "Ibm"		Websphere Mq Search vendor "Ibm" for product "Websphere Mq"				7.0.1.8 Search vendor "Ibm" for product "Websphere Mq" and version "7.0.1.8"		-		Affected
Ibm Search vendor "Ibm"		Websphere Mq Search vendor "Ibm" for product "Websphere Mq"				7.0.1.9 Search vendor "Ibm" for product "Websphere Mq" and version "7.0.1.9"		-		Affected
Ibm Search vendor "Ibm"		Websphere Mq Search vendor "Ibm" for product "Websphere Mq"				7.0.1.10 Search vendor "Ibm" for product "Websphere Mq" and version "7.0.1.10"		-		Affected
Ibm Search vendor "Ibm"		Websphere Mq Search vendor "Ibm" for product "Websphere Mq"				7.0.1.11 Search vendor "Ibm" for product "Websphere Mq" and version "7.0.1.11"		-		Affected
Ibm Search vendor "Ibm"		Websphere Mq Search vendor "Ibm" for product "Websphere Mq"				7.0.1.12 Search vendor "Ibm" for product "Websphere Mq" and version "7.0.1.12"		-		Affected
Ibm Search vendor "Ibm"		Websphere Mq Search vendor "Ibm" for product "Websphere Mq"				7.1 Search vendor "Ibm" for product "Websphere Mq" and version "7.1"		-		Affected
Ibm Search vendor "Ibm"		Websphere Mq Search vendor "Ibm" for product "Websphere Mq"				7.1.0.1 Search vendor "Ibm" for product "Websphere Mq" and version "7.1.0.1"		-		Affected
Ibm Search vendor "Ibm"		Websphere Mq Search vendor "Ibm" for product "Websphere Mq"				7.1.0.2 Search vendor "Ibm" for product "Websphere Mq" and version "7.1.0.2"		-		Affected
Ibm Search vendor "Ibm"		Websphere Mq Search vendor "Ibm" for product "Websphere Mq"				7.1.0.3 Search vendor "Ibm" for product "Websphere Mq" and version "7.1.0.3"		-		Affected
Ibm Search vendor "Ibm"		Websphere Mq Search vendor "Ibm" for product "Websphere Mq"				7.1.0.4 Search vendor "Ibm" for product "Websphere Mq" and version "7.1.0.4"		-		Affected
Ibm Search vendor "Ibm"		Websphere Mq Search vendor "Ibm" for product "Websphere Mq"				7.1.0.5 Search vendor "Ibm" for product "Websphere Mq" and version "7.1.0.5"		-		Affected
Ibm Search vendor "Ibm"		Websphere Mq Search vendor "Ibm" for product "Websphere Mq"				7.5 Search vendor "Ibm" for product "Websphere Mq" and version "7.5"		-		Affected
Ibm Search vendor "Ibm"		Websphere Mq Search vendor "Ibm" for product "Websphere Mq"				7.5.0.1 Search vendor "Ibm" for product "Websphere Mq" and version "7.5.0.1"		-		Affected
Ibm Search vendor "Ibm"		Websphere Mq Search vendor "Ibm" for product "Websphere Mq"				7.5.0.2 Search vendor "Ibm" for product "Websphere Mq" and version "7.5.0.2"		-		Affected
Ibm Search vendor "Ibm"		Websphere Mq Search vendor "Ibm" for product "Websphere Mq"				7.5.0.3 Search vendor "Ibm" for product "Websphere Mq" and version "7.5.0.3"		-		Affected
Ibm Search vendor "Ibm"		Websphere Mq Search vendor "Ibm" for product "Websphere Mq"				7.5.0.4 Search vendor "Ibm" for product "Websphere Mq" and version "7.5.0.4"		-		Affected
Ibm Search vendor "Ibm"		Websphere Mq Search vendor "Ibm" for product "Websphere Mq"				8.0.0.0 Search vendor "Ibm" for product "Websphere Mq" and version "8.0.0.0"		-		Affected