IBM Security Bulletin: IBM MQ Passwords specified by MQ java or JMS applications can appear in WebSphere Application Server trace. (CVE-2017-1284)
Passwords specified by MQ java or JMS applications can appear in WebSphere Application Server trace when establishing CLIENT transport mode connections.
CVE(s): CVE-2017-1284
Affected product(s) and affected version(s):
IBM MQ V9 CD
- IBM MQ 9.0.1 – 9.0.2 levels.
Refer to the following reference URLs for remediation and additional vulnerability details:
Source Bulletin: http://ift.tt/2tZnAV7
X-Force Database: http://ift.tt/2uyag77
The post IBM Security Bulletin: IBM MQ Passwords specified by MQ java or JMS applications can appear in WebSphere Application Server trace. (CVE-2017-1284) appeared first on IBM PSIRT Blog.
from IBM Product Security Incident Response Team http://ift.tt/2tZNYyb