Authentication Bypass Vulnerability in WebSphere MQ 8.0.0.1

Authentication Bypass Vulnerability in WebSphere MQ 8.0.0.1

CVE-2014-6116 · MEDIUM Severity

AV:N/AC:M/AU:N/C:N/I:P/A:N

The Telemetry Component in WebSphere MQ 8.0.0.1 before p000-001-L140910 allows remote attackers to bypass authentication by setting the JAASConfig property in an MQTT client configuration.

Learn more about our Cis Benchmark Audit For Ibm Websphere.