IBM MQ is a message oriented middleware that allows independent and non-concurrent applications on a distributed system to communicate with each other. IBM MQ is vulnerable to Cross Site Scripting (XSS).
IBM MQ versions 184.108.40.206 through 220.127.116.11
IBM MQ Continuous Delivery versions 9.0.1 through 9.0.3
QID Detection Logic: (Authenticated)
Operating Sytem: Linux
The QID runs the command “/opt/mqm/bin/dspmqver -v | grep -A3 ‘^Name'” and “/usr/mqm/bin/dspmqver -v | grep -A3 ‘^Name'” (for AIX only) to see if the system is running a vulnerable version of IBM MQ or not.
Operating System: Windows
The QID checks if the host is running a vulnerable version of IBM MQ by checking version of the file “bin\dspxmsver.exe”. The location of the file is determined via the registry key “HKLM\SOFTWARE\IBM\MQSeries\CurrentVersion” value “FilePath”.