CVE-2018-1551

3.1LOW

Key Information:

Vendor: IBM
Status: Websphere MQ
Vendor: CVE Published:; 6 August 2018

Summary

IBM WebSphere MQ 8.0.0.2 through 8.0.0.8 and 9.0.0.0 through 9.0.0.3 could allow users to have more authority than they should have if an MQ administrator creates an invalid user group name. IBM X-Force ID: 142888.

Affected Version(s)

WebSphere MQ 8.0.0.2

WebSphere MQ 8.0.0.4

WebSphere MQ 8.0.0.3

References

https://www.ibm.com/support/docview.wss?uid=ibm10716113

x_refsource_CONFIRM

https://exchange.xforce.ibmcloud.com/vulnerabilities/142888

vdb-entryx_refsource_XF

http://www.securityfocus.com/bid/105040

vdb-entryx_refsource_BID

CVSS V3.1

Score:

3.1

Severity:

LOW

Confidentiality:

None

Integrity:

Low

Availability:

None

Attack Vector:

Network

Attack Complexity:

High

Privileges Required:

Low

User Interaction:

None

Scope:

Unchanged

Timeline

Vulnerability published
Aug 6, 2018
Vulnerability Reserved
Dec 13, 2017