vulnerability

IBM WebSphere Application Server: CVE-2016-0360: Potential security vulnerability in WebSphere Application Server MQ JCA Resource adapter (CVE-2016-0360)

Severity
8
CVSS
(AV:N/AC:L/Au:N/C:P/I:P/A:P)
Published
Feb 15, 2017
Added
Apr 27, 2018
Modified
May 5, 2025

Description

IBM Websphere MQ JMS 7.0.1, 7.1, 7.5, 8.0, and 9.0 client provides classes that deserialize objects from untrusted sources which could allow a malicious user to execute arbitrary Java code by adding vulnerable classes to the classpath. IBM Reference #: 1983457.

Solution(s)

ibm-was-install-7-0-0-0-pi74468ibm-was-install-8-0-0-0-pi74468ibm-was-install-8-5-0-0-pi74862ibm-was-install-9-0-0-0-pi74874ibm-was-upgrade-7-0-0-0-7-0-0-43ibm-was-upgrade-8-0-0-0-8-0-0-14ibm-was-upgrade-8-5-0-0-8-5-5-12ibm-was-upgrade-9-0-0-0-9-0-0-3
Title
NEW

Explore Exposure Command

Confidently identify and prioritize exposures from endpoint to cloud with full attack surface visibility and threat-aware risk context.