#VU15812 Denial of service in IBM MQ - CVE-2018-1684

Cybersecurity Help s.r.o.

Published: 2018-11-13

Vulnerability identifier: #VU15812

Vulnerability risk: Low

CVSSv4.0: 2.3 [CVSS:4.0/AV:N/AC:L/AT:P/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2018-1684

CWE-ID: CWE-264

Exploitation vector: Network

Exploit availability: No

Vulnerable software:
IBM MQ
Server applications / Other server solutions

Vendor: IBM Corporation

Description
The vulnerability allows a remote authenticated attacker to cause DoS condition on the target system.

The weakness exists due to a problem within the IBM MQ MQTT Service logic. A remote attacker can trigger an error with MQTT topic string publishing and cause a denial of service attack to be executed against MQTT clients attempting to connect to the queue manager.

Mitigation
Install update from vendor's website.

Vulnerable software versions

IBM MQ: 8.0.0.0 - 8.0.0.10, 9.0.0 - 9.0.5, 9.1.0.0

External links
https://www-01.ibm.com/support/docview.wss?uid=ibm10734297&myns=swgws&mynp=OCSSYHRD&...

Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote authenticated user via the Internet.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

Latest bulletins with this vulnerability

Multiple vulnerabilities in IBM MQ