Vulnerability Details CVE-2018-1551
IBM WebSphere MQ 8.0.0.2 through 8.0.0.8 and 9.0.0.0 through 9.0.0.3 could allow users to have more authority than they should have if an MQ administrator creates an invalid user group name. IBM X-Force ID: 142888.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.003
EPSS Ranking 50.7%
CVSS Severity
CVSS v3 Score 3.1
CVSS v2 Score 6.0
References
- http://www.securityfocus.com/bid/105040
- https://exchange.xforce.ibmcloud.com/vulnerabilities/142888
- https://www.ibm.com/support/docview.wss?uid=ibm10716113
- http://www.securityfocus.com/bid/105040
- https://exchange.xforce.ibmcloud.com/vulnerabilities/142888
- https://www.ibm.com/support/docview.wss?uid=ibm10716113
Products affected by CVE-2018-1551
-
cpe:2.3:a:ibm:websphere_mq:8.0.0.2
-
cpe:2.3:a:ibm:websphere_mq:8.0.0.3
-
cpe:2.3:a:ibm:websphere_mq:8.0.0.4
-
cpe:2.3:a:ibm:websphere_mq:8.0.0.5
-
cpe:2.3:a:ibm:websphere_mq:8.0.0.6
-
cpe:2.3:a:ibm:websphere_mq:8.0.0.7
-
cpe:2.3:a:ibm:websphere_mq:8.0.0.8
-
cpe:2.3:a:ibm:websphere_mq:9.0.0.0
-
cpe:2.3:a:ibm:websphere_mq:9.0.0.1
-
cpe:2.3:a:ibm:websphere_mq:9.0.0.2
-
cpe:2.3:a:ibm:websphere_mq:9.0.0.3