CVEDB API

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2015-5011

IBM WebSphere Message Broker 8 before 8.0.0.6 and Integration Bus 9 before 9.0.0.4 do not check authorization for MQSISTARTMSGFLOW and MQSISTOPMSGFLOW commands, which allows local users to bypass intended access restrictions, and start or stop a service, by issuing a command.

Exploit prediction scoring system (EPSS) score

EPSS Score 0.001

EPSS Ranking 32.9%

CVSS Severity

CVSS v2 Score 3.2

References

Products affected by CVE-2015-5011

Ibm » Integration Bus » Version: 9.0

cpe:2.3:a:ibm:integration_bus:9.0
Ibm » Integration Bus » Version: 9.0.0.1

cpe:2.3:a:ibm:integration_bus:9.0.0.1
Ibm » Integration Bus » Version: 9.0.0.2

cpe:2.3:a:ibm:integration_bus:9.0.0.2
Ibm » Integration Bus » Version: 9.0.0.3

cpe:2.3:a:ibm:integration_bus:9.0.0.3
Ibm » Websphere Message Broker » Version: 8.0

cpe:2.3:a:ibm:websphere_message_broker:8.0
Ibm » Websphere Message Broker » Version: 8.0.0.1

cpe:2.3:a:ibm:websphere_message_broker:8.0.0.1
Ibm » Websphere Message Broker » Version: 8.0.0.2

cpe:2.3:a:ibm:websphere_message_broker:8.0.0.2
Ibm » Websphere Message Broker » Version: 8.0.0.3

cpe:2.3:a:ibm:websphere_message_broker:8.0.0.3
Ibm » Websphere Message Broker » Version: 8.0.0.4

cpe:2.3:a:ibm:websphere_message_broker:8.0.0.4
Ibm » Websphere Message Broker » Version: 8.0.0.5

cpe:2.3:a:ibm:websphere_message_broker:8.0.0.5

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2015-5011

Products

Pricing

Contact Us