Vulnerability Details CVE-2016-5879
MQCLI on IBM MQ Appliance M2000 and M2001 devices allows local users to execute arbitrary shell commands via a crafted (1) Disaster Recovery or (2) High Availability command.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.0
EPSS Ranking 10.7%
CVSS Severity
CVSS v3 Score 8.8
CVSS v2 Score 4.6
References
- http://www-01.ibm.com/support/docview.wss?uid=swg1IT16174
- http://www-01.ibm.com/support/docview.wss?uid=swg21987697
- http://www.securityfocus.com/bid/92538
- http://www-01.ibm.com/support/docview.wss?uid=swg1IT16174
- http://www-01.ibm.com/support/docview.wss?uid=swg21987697
- http://www.securityfocus.com/bid/92538
Products affected by CVE-2016-5879
-
cpe:2.3:h:ibm:mq_appliance_m2000:-
-
cpe:2.3:h:ibm:mq_appliance_m2001:-
-
cpe:2.3:o:ibm:mq_appliance_firmware:8.0