Arbitrary Code Execution Vulnerability in IBM Websphere MQ JMS Client

Arbitrary Code Execution Vulnerability in IBM Websphere MQ JMS Client

CVE-2016-0360 · HIGH Severity

AV:N/AC:L/AU:N/C:P/I:P/A:P

IBM Websphere MQ JMS 7.0.1, 7.1, 7.5, 8.0, and 9.0 client provides classes that deserialize objects from untrusted sources which could allow a malicious user to execute arbitrary Java code by adding vulnerable classes to the classpath. IBM Reference #: 1983457.

Learn more about our Cis Benchmark Audit For Ibm Websphere.