Bypassing CHLAUTH Rules in IBM WebSphere MQ 8.x

Bypassing CHLAUTH Rules in IBM WebSphere MQ 8.x

CVE-2014-4793 · MEDIUM Severity

AV:N/AC:L/AU:S/C:P/I:P/A:P

IBM WebSphere MQ 8.x before 8.0.0.1 does not properly enforce CHLAUTH rules for blocking client connections in certain circumstances related to the CONNAUTH attribute, which allows remote authenticated users to bypass intended queue-manager access restrictions via unspecified vectors.

Learn more about our Cis Benchmark Audit For Ibm Websphere.