Vulnerability Details CVE-2008-1592
MQSeries 5.1 in IBM WebSphere MQ 5.1 through 5.3.1 on the HP NonStop and Tandem NSK platforms does not require mqm group membership for execution of administrative tasks, which allows local users to bypass intended access restrictions via the runmqsc program, related to "Pathway panels."
Exploit prediction scoring system (EPSS) score
EPSS Score 0.001
EPSS Ranking 20.3%
CVSS Severity
CVSS v2 Score 4.6
References
- http://secunia.com/advisories/29360
- http://securitytracker.com/id?1019610
- http://www-1.ibm.com/support/docview.wss?uid=swg21297035
- http://www.securityfocus.com/bid/28235
- http://www.vupen.com/english/advisories/2008/0869
- http://secunia.com/advisories/29360
- http://securitytracker.com/id?1019610
- http://www-1.ibm.com/support/docview.wss?uid=swg21297035
- http://www.securityfocus.com/bid/28235
- http://www.vupen.com/english/advisories/2008/0869
Products affected by CVE-2008-1592
-
cpe:2.3:a:ibm:websphere_mq:5.1
-
cpe:2.3:a:ibm:websphere_mq:5.3
-
cpe:2.3:a:ibm:websphere_mq:5.3.1
-
cpe:2.3:o:hp:nonstop:*
-
cpe:2.3:o:tandem_computers:tandem_operating_system:nsk