Authorization Bypass in IBM WebSphere Message Broker and Integration Bus
CVE-2015-5011
Currently unrated
Summary
IBM WebSphere Message Broker versions prior to 8.0.0.6 and Integration Bus versions prior to 9.0.0.4 are susceptible to an authorization bypass vulnerability. This flaw allows local users to execute MQSISTARTMSGFLOW and MQSISTOPMSGFLOW commands without proper authorization, potentially enabling them to start or stop message flows, which could disrupt services and compromise the integrity of system operations.
References
Timeline
Vulnerability published
Vulnerability Reserved