CVE-2018-1551
LOWIBM Websphere MQ < 8.0.0.8 - Incorrect Permission Assignment
Title source: ruleDescription
IBM WebSphere MQ 8.0.0.2 through 8.0.0.8 and 9.0.0.0 through 9.0.0.3 could allow users to have more authority than they should have if an MQ administrator creates an invalid user group name. IBM X-Force ID: 142888.
References (3)
Core 3
Core References
Vendor Advisory x_refsource_confirm
https://www.ibm.com/support/docview.wss?uid=ibm10716113
VDB Entry, Vendor Advisory vdb-entry
x_refsource_xf
https://exchange.xforce.ibmcloud.com/vulnerabilities/142888
Third Party Advisory, VDB Entry vdb-entry
x_refsource_bid
http://www.securityfocus.com/bid/105040
Scores
CVSS v3
3.1
EPSS
0.0021
EPSS Percentile
43.0%
Attack Vector
NETWORK
CVSS:3.0/AV:N/AC:H/PR:L/UI:N/S:U/C:N/I:L/A:N
Details
CWE
CWE-732
Status
published
Products (1)
ibm/websphere_mq
8.0.0.2 - 8.0.0.8
Published
Aug 06, 2018
Tracked Since
Feb 18, 2026