Privilege Escalation Vulnerability in IBM WebSphere Message Broker
CVE-2012-3317

Currently unrated

Key Information:

Vendor: IBM
Status: Websphere Message Broker
Vendor: CVE Published:; 5 December 2012

Summary

The vulnerability in IBM WebSphere Message Broker arises from incorrect ownership settings on specific uninstaller Java Runtime Environment (JRE) files. This flaw could potentially allow local users to exploit these permissions to gain elevated privileges by utilizing access associated with user ID 501 or group ID 300. Consequently, this presents a risk where unauthorized users may execute actions that could compromise system integrity.

References

https://exchange.xforce.ibmcloud.com/vulnerabilities/77818

vdb-entryx_refsource_XF

http://www-01.ibm.com/support/docview.wss?uid=swg1IC85477

vendor-advisoryx_refsource_AIXAPAR

http://www.ibm.com/support/docview.wss?uid=swg21611401

x_refsource_CONFIRM

Timeline

Vulnerability published
Dec 5, 2012
Vulnerability Reserved
Jun 7, 2012