Missing CRL Distribution Points Certificate Extension in IBM WebSphere MQ 6.0 and 7.0

Missing CRL Distribution Points Certificate Extension in IBM WebSphere MQ 6.0 and 7.0

CVE-2011-1224 · MEDIUM Severity

AV:N/AC:M/AU:N/C:N/I:P/A:N

IBM WebSphere MQ 6.0 before 6.0.2.11 and 7.0 before 7.0.1.5 does not use the CRL Distribution Points (CDP) certificate extension, which might allow man-in-the-middle attackers to spoof an SSL partner via a revoked certificate for a (1) client, (2) queue manager, or (3) application.

Learn more about our Cis Benchmark Audit For Ibm Websphere.