Authorization Bypass in IBM WebSphere Message Broker and Integration Bus
CVE-2015-5011

Currently unrated

Key Information:

Vendor
IBM
Vendor
CVE Published:
26 October 2015

Summary

IBM WebSphere Message Broker versions prior to 8.0.0.6 and Integration Bus versions prior to 9.0.0.4 are susceptible to an authorization bypass vulnerability. This flaw allows local users to execute MQSISTARTMSGFLOW and MQSISTOPMSGFLOW commands without proper authorization, potentially enabling them to start or stop message flows, which could disrupt services and compromise the integrity of system operations.

References

Timeline

  • Vulnerability published

  • Vulnerability Reserved

.