Lucene search
IBM901CFB6525ED5C7A8B0A35ADB3DB27B513E1E1A656F811BBE73D3707CEFF381FHistoryJul 31, 2018 - 4:37 p.m.
Security Bulletin: Invalid user group vulnerability in IBM MQ on Unix platform(CVE-2018-1551)
2018-07-3116:37:53
www.ibm.com
11
EPSS
0.002
Percentile
56.8%
Summary
IBM MQ could allow users to have more authority than they should have if an MQ administrator creates an invalid user group name.
Vulnerability Details
CVEID: CVE-2018-1551 DESCRIPTION: IBM MQ could allow users to have more authority than they should have if an MQ administrator creates an invalid user group name.
CVSS Base Score: 3.1
CVSS Temporal Score: See <https://exchange.xforce.ibmcloud.com/vulnerabilities/142888> for the current score
CVSS Environmental Score*: Undefined
CVSS Vector: (CVSS:3.0/AV:N/AC:H/PR:L/UI:N/S:U/C:N/I:L/A:N)
Affected Products and Versions
IBM MQ v8.0.0.2 to 8.0.0.8
IBM MQ 9.0.0.0 to 9.0.0.3
Remediation/Fixes
IBM MQ v8.0.0.2 to 8.0.0.8
Apply fix pack 8.0.0.9 or above
IBM MQ 9.0.0.0 to 9.0.0.3
Apply fix pack 9.0.0.4 or above
Workarounds and Mitigations
None
Related
cvelist
cvelist
CVE-2018-1551
2018-08-06 14:00:00
nessus
nessus
IBM MQ 8.0.0.2 < 8.0.0.9 / 9.0.0.0 < 9.0.0.4 (716113)
2021-01-12 00:00:00
nvd
nvd
CVE-2018-1551
2018-08-06 14:29:00
prion
prion
Code injection
2018-08-06 14:29:00
cve
cve
CVE-2018-1551
2018-08-06 14:29:00
EPSS
0.002
Percentile
56.8%
Related for 901CFB6525ED5C7A8B0A35ADB3DB27B513E1E1A656F811BBE73D3707CEFF381F