{"id":284,"date":"2016-01-25T13:20:47","date_gmt":"2016-01-25T07:50:47","guid":{"rendered":"http:\/\/www.middlewareprimer.com\/blog\/?p=284"},"modified":"2016-01-25T13:22:45","modified_gmt":"2016-01-25T07:52:45","slug":"ibm-websphere-mq-gskit-component-vulnerability-cve-2016-0201","status":"publish","type":"post","link":"http:\/\/www.middlewareprimer.com\/blog\/2016\/01\/25\/ibm-websphere-mq-gskit-component-vulnerability-cve-2016-0201\/","title":{"rendered":"WebSphere MQ GSKit component vulnerability CVE-2016-0201"},"content":{"rendered":"

A vulnerability has been addressed in the GSKit component of IBM WebSphere MQ where an attacker can get the authentication credentials.<\/p>\n

CVEID: CVE-2016-0201<\/a><\/p>\n

DESCRIPTION: IBM GSKit could allow a remote attacker to obtain sensitive information, caused by a MD5 collision. An attacker could exploit this vulnerability to obtain authentication credentials.<\/p>\n

As mentioned in IBM Support Portal Technote<\/a>, respective APARs needs to be applied for Websphere MQ.<\/p>\n

Affected Versions<\/strong><\/span><\/p>\n

IBM WebSphere MQ 8.0 : Fix Pack 8.0.0.4 and previous maintenance levels
\nIBM WebSphere MQ 7.5 : Fix Pack 7.5.0.5 and previous maintenance levels
\nIBM WebSphere MQ 7.1 : Fix Pack 7.1.0.7 and previous maintenance levels
\nIBM WebSphere MQ 7.0 : Fix Pack 7.0.1.13 and previous maintenance levels<\/p>\n

Apply Below APARs<\/strong><\/span>
\nIBM WebSphere MQ 8.0 : Apply the ifix for APAR IT13023<\/a>
\nIBM WebSphere MQ 7.5 : Apply the ifix for APAR IV77604<\/a>
\nIBM WebSphere MQ 7.1 : Apply the ifix for APAR IV77604<\/a>
\nIBM WebSphere MQ 7.0.1 : Apply the ifix for APAR IV77604<\/a><\/p>\n

 <\/p>\n","protected":false},"excerpt":{"rendered":"

A vulnerability has been addressed in the GSKit component of IBM WebSphere MQ where an attacker can get the authentication credentials. CVEID: CVE-2016-0201 DESCRIPTION: IBM GSKit could allow a remote attacker to obtain sensitive information, caused by a MD5 collision. An attacker could exploit this vulnerability to obtain authentication credentials. As mentioned in IBM Support […]<\/p>\n","protected":false},"author":1,"featured_media":0,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[21],"tags":[66,67,65],"class_list":["post-284","post","type-post","status-publish","format-standard","hentry","category-ibm-integration-bus","tag-cve-2016-0201","tag-vulnerability","tag-websphere-mq"],"_links":{"self":[{"href":"http:\/\/www.middlewareprimer.com\/blog\/wp-json\/wp\/v2\/posts\/284","targetHints":{"allow":["GET"]}}],"collection":[{"href":"http:\/\/www.middlewareprimer.com\/blog\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"http:\/\/www.middlewareprimer.com\/blog\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"http:\/\/www.middlewareprimer.com\/blog\/wp-json\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"http:\/\/www.middlewareprimer.com\/blog\/wp-json\/wp\/v2\/comments?post=284"}],"version-history":[{"count":3,"href":"http:\/\/www.middlewareprimer.com\/blog\/wp-json\/wp\/v2\/posts\/284\/revisions"}],"predecessor-version":[{"id":287,"href":"http:\/\/www.middlewareprimer.com\/blog\/wp-json\/wp\/v2\/posts\/284\/revisions\/287"}],"wp:attachment":[{"href":"http:\/\/www.middlewareprimer.com\/blog\/wp-json\/wp\/v2\/media?parent=284"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"http:\/\/www.middlewareprimer.com\/blog\/wp-json\/wp\/v2\/categories?post=284"},{"taxonomy":"post_tag","embeddable":true,"href":"http:\/\/www.middlewareprimer.com\/blog\/wp-json\/wp\/v2\/tags?post=284"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}