Nir Valtman

**Name of the Vulnerable Software and Affected Versions** IBM WebSphere MQ File Transfer Edition versions 7.0.4 and earlier **Description** The issue allows remote authenticated users to read files of arbitrary users via vectors involving a username in a URI. This can be demonstrated by modifying the metadata=fteSamplesUser field to the "/transfer" API endpoint. **Recommendations** For IBM WebSphere MQ File Transfer Edition versions 7.0.4 and earlier, consider restricting access to the "/transfer" API endpoint until a fix is available. As a temporary workaround, avoid using the `metadata` field with user-specific data in the "/transfer" URI to minimize the risk of exploitation.

**Name of the Vulnerable Software and Affected Versions** IBM WebSphere MQ File Transfer Edition versions 7.0.4 and earlier IBM WebSphere MQ - Managed File Transfer version 7.5 **Description** The issue allows remote attackers to hijack the authentication of arbitrary users for requests. This can be done through several API endpoints, including "/wmqfteconsole/Filespaces" to add user accounts, "/wmqfteconsole/FileSpacePermisssions" to modify permissions, and "/wmqfteconsole/UploadUsers" to add MQ Message Descriptor (MQMD) user accounts. **Recommendations** For IBM WebSphere MQ File Transfer Edition versions 7.0.4 and earlier, update to a version later than 7.0.4 to resolve the issue. For IBM WebSphere MQ - Managed File Transfer version 7.5, consider disabling access to the vulnerable API endpoints, such as `/wmqfteconsole/Filespaces`, `/wmqfteconsole/FileSpacePermisssions`, and `/wmqfteconsole/UploadUsers`, until a patch is available.