2 matches found
Security Bulletin: IBM WebSphere MQ is affected by a privilege escalation vulnerability (CVE-2017-1612)
Summary IBM WebSphere MQ has addressed the following vulnerability. An undocumented environment variable intended for use by IBM support could be used to execute untrusted code using the 'mqm' user. Vulnerability Details CVEID: CVE-2017-1612 DESCRIPTION: IBM WebSphere MQ service trace module coul...
CVE-2017-1612
CVE-2017-1612 affects IBM WebSphere MQ: the service trace module in MQ 7.0.x–9.0.x could be used to execute untrusted code as the mqm user via an undocumented environment variable. Affected versions include 7.0.1.0–7.0.1.14, 7.1.0.0–7.1.0.8, 7.5.0.0–7.5.0.8, 8.0.0.0–8.0.0.7, 9.0.0.0–9.0.0.1, and ...