VYPR
Unrated severityNVD Advisory· Published Oct 2, 2014· Updated Jun 17, 2026

CVE-2014-4793

CVE-2014-4793

Description

IBM WebSphere MQ 8.x before 8.0.0.1 does not properly enforce CHLAUTH rules for blocking client connections in certain circumstances related to the CONNAUTH attribute, which allows remote authenticated users to bypass intended queue-manager access restrictions via unspecified vectors.

Affected products

2
  • IBM/Websphere Mq2 versions
    cpe:2.3:a:ibm:websphere_mq:8.0.0.0:*:*:*:*:*:*:*+ 1 more
    • cpe:2.3:a:ibm:websphere_mq:8.0.0.0:*:*:*:*:*:*:*
    • (no CPE)range: <8.0.0.1

Patches

Vulnerability mechanics

References

2

News mentions

0

No linked articles in our index yet.