IBM MQ could allow users to have more authority than they should have if an MQ administrator creates an invalid user group name.
CVEID: CVE-2018-1551 DESCRIPTION: IBM MQ could allow users to have more authority than they should have if an MQ administrator creates an invalid user group name.
CVSS Base Score: 3.1
CVSS Temporal Score: See <https://exchange.xforce.ibmcloud.com/vulnerabilities/142888> for the current score
CVSS Environmental Score*: Undefined
CVSS Vector: (CVSS:3.0/AV:N/AC:H/PR:L/UI:N/S:U/C:N/I:L/A:N)
IBM MQ v8.0.0.2 to 8.0.0.8
IBM MQ 9.0.0.0 to 9.0.0.3
IBM MQ v8.0.0.2 to 8.0.0.8
Apply fix pack 8.0.0.9 or above
IBM MQ 9.0.0.0 to 9.0.0.3
Apply fix pack 9.0.0.4 or above
None