CVE-2017-1591 IBM MQ Cross Site Scripting (XSS) Vulnerability (swg22009804)

Vulnerability category: Local

Severity:

Vulnerability information

IBM MQ is a message oriented middleware that allows independent and non-concurrent applications on a distributed system to communicate with each other. IBM MQ is vulnerable to Cross Site Scripting (XSS).

Affected Versions:
IBM MQ versions 8.0.0.0 through 8.0.0.7
IBM MQ Continuous Delivery versions 9.0.1 through 9.0.3

QID Detection Logic: (Authenticated)
Operating System: Linux
The QID runs the command "/opt/mqm/bin/dspmqver -v | grep -A3 '^Name'" (or "/usr/mqm/bin/dspmqver -v | grep -A3 '^Name'" on AIX) to see whether the system is running a vulnerable version of IBM MQ.

Operating System: Windows
The QID checks whether the host is running a vulnerable version of IBM MQ by checking the version of the file "bin\dspxmsver.exe". The location of the file is determined via the registry key "HKLM\SOFTWARE\IBM\MQSeries\CurrentVersion", value "FilePath".
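The Linux check above boils down to reading the Version field from dspmqver output and testing it against the two affected ranges. The following is an added example of that comparison, not Qualys' or IBM's own code; the dspmqver output it parses is a constructed sample in the layout of the real tool, and the ranges are the ones the advisory lists.

```python
import re
from typing import Optional, Tuple

# Constructed sample of `dspmqver -v` output (not a real capture); the first
# four lines are what the QID's `grep -A3 '^Name'` would isolate.
SAMPLE_DSPMQVER = """\
Name:        IBM MQ
Version:     8.0.0.7
Level:       p800-007-171128
BuildType:   IKAP - (Production)
Platform:    IBM MQ for Linux (x86-64 platform)
Mode:        64-bit
InstName:    Installation1
InstPath:    /opt/mqm
"""

# Affected ranges as stated in the advisory (inclusive on both ends).
LTS_RANGE = ((8, 0, 0, 0), (8, 0, 0, 7))   # IBM MQ 8.0.0.0 through 8.0.0.7
CD_RANGE = ((9, 0, 1), (9, 0, 3))          # Continuous Delivery 9.0.1 through 9.0.3


def parse_version(output: str) -> Optional[Tuple[int, ...]]:
    """Return the first 'Version:' field of dspmqver output as an int tuple."""
    m = re.search(r"^Version:\s*([0-9]+(?:\.[0-9]+)*)\s*$", output, re.MULTILINE)
    if not m:
        return None
    return tuple(int(part) for part in m.group(1).split("."))


def is_affected(version: Tuple[int, ...]) -> bool:
    """True if the installed version falls inside one of the advisory's ranges."""
    v4 = tuple(version) + (0,) * (4 - len(version))  # pad to V.R.M.F
    if LTS_RANGE[0] <= v4[:4] <= LTS_RANGE[1]:
        return True
    # CD releases are identified by V.R.M only, so compare three components.
    return CD_RANGE[0] <= v4[:3] <= CD_RANGE[1]


def check_output(output: str) -> Optional[bool]:
    """None when no version could be parsed, otherwise the affected verdict."""
    version = parse_version(output)
    return None if version is None else is_affected(version)


if __name__ == "__main__":
    verdict = check_output(SAMPLE_DSPMQVER)
    print({True: "affected", False: "not affected", None: "unparsed"}[verdict])
```

A version one fix pack past either range (8.0.0.8, 9.0.4) is reported as not affected, and an unparseable output is reported separately rather than silently treated as clean.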

Impact

An unauthenticated, remote attacker could exploit this vulnerability to embed arbitrary JavaScript code in the Web UI, altering the intended functionality and potentially leading to credentials disclosure within a trusted session.

Solution

Please refer to IBM advisory SWG22009804 for further information.

Patch:
Following are links for downloading patches to fix the vulnerabilities:

swg22009804
