Lucene search

[email protected]NVD:CVE-2018-1551

HistoryAug 06, 2018 - 2:29 p.m.

CVE-2018-1551

2018-08-0614:29:00

CWE-732

[email protected]

web.nvd.nist.gov

6 Medium

CVSS2

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

SINGLE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:M/Au:S/C:P/I:P/A:P

7.5 High

CVSS3

Attack Vector

NETWORK

Attack Complexity

HIGH

Privileges Required

LOW

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.0/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H

4.8 Medium

AI Score

Confidence

High

0.002 Low

EPSS

Percentile

56.9%

JSON

IBM WebSphere MQ 8.0.0.2 through 8.0.0.8 and 9.0.0.0 through 9.0.0.3 could allow users to have more authority than they should have if an MQ administrator creates an invalid user group name. IBM X-Force ID: 142888.

Affected configurations

NVD

Node

ibmwebsphere_mqRange8.0.0.2–8.0.0.8

ibmwebsphere_mqRange9.0.0.0–9.0.0.3

References

www.securityfocus.com/bid/105040

exchange.xforce.ibmcloud.com/vulnerabilities/142888

www.ibm.com/support/docview.wss?uid=ibm10716113

6 Medium

CVSS2

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

SINGLE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:M/Au:S/C:P/I:P/A:P

7.5 High

CVSS3

Attack Vector

NETWORK

Attack Complexity

HIGH

Privileges Required

LOW

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.0/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H

4.8 Medium

AI Score

Confidence

High

0.002 Low

EPSS

Percentile

56.9%

JSON

Related for NVD:CVE-2018-1551

cvelist1 nessus1 ibm1 cve1 prion1