Vulnerability Description
IBM WebSphere MQ 6.x before 6.0.2.10 and 7.x before 7.0.1.3 allows remote attackers to spoof X.509 certificate authentication, and send or receive channel messages, via a crafted Subject Distinguished Name (DN) value in a certificate.
CVSS Score
MEDIUM
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Ibm | Websphere Mq | 6.0 |
References
- http://www-01.ibm.com/support/docview.wss?uid=swg1IZ68707
- http://www-01.ibm.com/support/docview.wss?uid=swg27014224
- https://exchange.xforce.ibmcloud.com/vulnerabilities/60018
- http://www-01.ibm.com/support/docview.wss?uid=swg1IZ68707
- http://www-01.ibm.com/support/docview.wss?uid=swg27014224
- https://exchange.xforce.ibmcloud.com/vulnerabilities/60018
FAQ
What is CVE-2010-0782?
CVE-2010-0782 is a vulnerability with a CVSS score of 4.3 (MEDIUM). IBM WebSphere MQ 6.x before 6.0.2.10 and 7.x before 7.0.1.3 allows remote attackers to spoof X.509 certificate authentication, and send or receive channel messages, via a crafted Subject Distinguished...
How severe is CVE-2010-0782?
CVE-2010-0782 has been rated MEDIUM with a CVSS base score of 4.3/10. Review the CVSS metrics above for detailed severity breakdown.
Is there a patch for CVE-2010-0782?
Check the references section above for vendor advisories and patch information. Affected products include: Ibm Websphere Mq.