Lucene search
HistoryOct 30, 2011 - 7:55 p.m.
CVE-2009-0905
ibm
websphere
mq
vulnerability
privilege escalation
cve-2009-0905
nvd
1.7 Low
CVSS2
Attack Vector
LOCAL
Attack Complexity
LOW
Authentication
SINGLE
Confidentiality Impact
NONE
Integrity Impact
PARTIAL
Availability Impact
NONE
AV:L/AC:L/Au:S/C:N/I:P/A:N
6.6 Medium
AI Score
Confidence
Low
0.0004 Low
EPSS
Percentile
5.1%
IBM WebSphere MQ 6.0 before 6.0.2.8 and 7.0 before 7.0.1.0 does not properly handle long group names, which might allow local users to gain privileges by leveraging combinations of group names with the same initial substring.
Affected configurations
Node
ibmwebsphere_mqMatch6.0
ORibmwebsphere_mqMatch6.0.1.0
ORibmwebsphere_mqMatch6.0.1.1
ORibmwebsphere_mqMatch6.0.2.0
ORibmwebsphere_mqMatch6.0.2.1
ORibmwebsphere_mqMatch6.0.2.2
ORibmwebsphere_mqMatch6.0.2.3
ORibmwebsphere_mqMatch6.0.2.4
ORibmwebsphere_mqMatch6.0.2.5
ORibmwebsphere_mqMatch6.0.2.6
ORibmwebsphere_mqMatch6.0.2.7
Node
ibmwebsphere_mqMatch7.0
ORibmwebsphere_mqMatch7.0.0.1
ORibmwebsphere_mqMatch7.0.0.2
Related
nvd
nvd
CVE-2009-0905
2011-10-30 19:55:00
seebug
seebug
IBM WebSphere MQ 权限提升漏洞
2011-11-01 00:00:00
prion
prion
Code injection
2011-10-30 19:55:00
cvelist
cvelist
CVE-2009-0905
2011-10-30 19:00:00
1.7 Low
CVSS2
Attack Vector
LOCAL
Attack Complexity
LOW
Authentication
SINGLE
Confidentiality Impact
NONE
Integrity Impact
PARTIAL
Availability Impact
NONE
AV:L/AC:L/Au:S/C:N/I:P/A:N
6.6 Medium
AI Score
Confidence
Low
0.0004 Low
EPSS
Percentile
5.1%
Related for CVE-2009-0905