Local Access Vulnerability in IBM WebSphere Message Broker
CVE-2017-1144

2.5LOW

Key Information:

Vendor

IBM
Status
Integration Bus
Vendor
CVE Published:
5 July 2017

What is CVE-2017-1144?

A local user with specialized access privileges can leverage a vulnerability in IBM WebSphere Message Broker to prevent the message broker from starting. This could result in significant service disruptions, affecting applications reliant on the broker for message processing. Adequate access controls and monitoring should be implemented to mitigate this risk.

Affected Version(s)

Integration Bus 9.0

Integration Bus 10.0

References

https://exchange.xforce.ibmcloud.com/vulnerabilities/122033
x_refsource_MISC
http://www.ibm.com/support/docview.wss?uid=swg22005383
x_refsource_CONFIRM
http://www.securityfocus.com/bid/99365
vdb-entryx_refsource_BID

CVSS V3.1

Score:
2.5
Severity:
LOW
Confidentiality:
None
Integrity:
None
Availability:
None
Attack Vector:
Local
Attack Complexity:
High
Privileges Required:
Low
User Interaction:
None
Scope:
Unchanged

Timeline

  • Vulnerability published

  • Vulnerability Reserved

.