2 matches found
Security Bulletin: MQSISTOP/STARTMSGFLOW commands with unauthorized user succeed affects IBM WebSphere Message Broker and IBM Integration Bus (CVE-2015-5011)
Summary MQSISTOP/STARTMSGFLOW commands with unauthorized user succeed affecting IBM WebSphere Message Broker and IBM Integration Bus Vulnerability Details CVEID: CVE-2015-5011 DESCRIPTION: IBM Integration Bus could allow a local user to start and stop a service that they should not have access to...
CVE-2015-5011
The vulnerability CVE-2015-5011 affects IBM WebSphere Message Broker 8 (pre-8.0.0.6) and IBM Integration Bus 9 (pre-9.0.0.4). The root cause is failure to perform authorization for MQSISTARTMSGFLOW and MQSISTOPMSGFLOW commands, allowing a local attacker to bypass access controls and start or stop...