Lucene search

[email protected]CVE-2016-0259

HistoryJun 26, 2016 - 2:59 p.m.

CVE-2016-0259

2016-06-2614:59:00

CWE-200

[email protected]

web.nvd.nist.gov

ibm websphere

websphere mq

ibm

cve-2016-0259

vulnerability

security

nvd

2.5 Low

CVSS3

Attack Vector

LOCAL

Attack Complexity

HIGH

Privileges Required

LOW

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

LOW

Integrity Impact

NONE

Availability Impact

NONE

CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:L/I:N/A:N

3.4 Low

AI Score

Confidence

Low

2.1 Low

CVSS2

Access Vector

LOCAL

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

NONE

Availability Impact

NONE

AV:L/AC:L/Au:N/C:P/I:N/A:N

0.0004 Low

EPSS

Percentile

5.2%

JSON

runmqsc in IBM WebSphere MQ 8.x before 8.0.0.5 allows local users to bypass an intended +dsp authority requirement and obtain sensitive information via unspecified display commands.

CPENameOperatorVersion
ibm:websphere_mqibm websphere mqeq8.0.0.3
ibm:websphere_mqibm websphere mqeq8.0.0.2
ibm:websphere_mqibm websphere mqeq8.0.0.4
ibm:websphere_mqibm websphere mqeq8.0.0.1

CPE	Name	Operator	Version
ibm:websphere_mq	ibm websphere mq	eq	8.0.0.3
ibm:websphere_mq	ibm websphere mq	eq	8.0.0.2
ibm:websphere_mq	ibm websphere mq	eq	8.0.0.4
ibm:websphere_mq	ibm websphere mq	eq	8.0.0.1

References

www-01.ibm.com/support/docview.wss?uid=swg21984561

www.securitytracker.com/id/1036179

2.5 Low

CVSS3

Attack Vector

LOCAL

Attack Complexity

HIGH

Privileges Required

LOW

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

LOW

Integrity Impact

NONE

Availability Impact

NONE

CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:L/I:N/A:N

3.4 Low

AI Score

Confidence

Low

2.1 Low

CVSS2

Access Vector

LOCAL

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

NONE

Availability Impact

NONE

AV:L/AC:L/Au:N/C:P/I:N/A:N

0.0004 Low

EPSS

Percentile

5.2%

JSON

Related for CVE-2016-0259

prion1 nessus1 ibm1 cvelist1 openvas1