CVE-2016-8915

medium

Published 2017-02-22 · Modified 2026-05-13

CVSS v3

6.5

CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H

CVSS v2

4.0

VIR risk

6.5

Description

IBM WebSphere MQ 8.0 could allow an authenticated user with access to the queue manager and queue, to deny service to other channels running under the same process. IBM Reference #: 1998649.

Predictions

Exploit likelihood

75%

Patch ETA

—

Heuristic predictions, AS-IS, for prioritization only.

Mitigations

vendor Authored 2026-05-27

Vendor advisory: psirt@us.ibm.com — http://www.ibm.com/support/docview.wss?uid=swg21998649

Application impact

Vendor	Product	Versions
ibm	websphere_mq	`8.0`
ibm	websphere_mq	`8.0.0.0`
ibm	websphere_mq	`8.0.0.1`
ibm	websphere_mq	`8.0.0.2`
ibm	websphere_mq	`8.0.0.3`
ibm	websphere_mq	`8.0.0.4`
ibm	websphere_mq	`8.0.0.5`

References

http://www.ibm.com/support/docview.wss?uid=swg21998649
http://www.securityfocus.com/bid/96403
http://www.ibm.com/support/docview.wss?uid=swg21998649
http://www.securityfocus.com/bid/96403

CWEs

CWE-284

Verify integrity in audit chain (admin only). AS-IS.