Описание
MQSeries 5.1 in IBM WebSphere MQ 5.1 through 5.3.1 on the HP NonStop and Tandem NSK platforms does not require mqm group membership for execution of administrative tasks, which allows local users to bypass intended access restrictions via the runmqsc program, related to "Pathway panels."
Ссылки
- Patch
- Patch
Уязвимые конфигурации
Конфигурация 1
Одновременно
Одно из
cpe:2.3:o:hp:nonstop:*:*:*:*:*:*:*:*
cpe:2.3:o:tandem_computers:tandem_operating_system:nsk:*:*:*:*:*:*:*
Одно из
cpe:2.3:a:ibm:websphere_mq:5.1:*:*:*:*:*:*:*
cpe:2.3:a:ibm:websphere_mq:5.3:*:*:*:*:*:*:*
cpe:2.3:a:ibm:websphere_mq:5.3.1:*:*:*:*:*:*:*
EPSS
Процентиль: 20%
0.00064
Низкий
4.6 Medium
CVSS2
Дефекты
CWE-264
Связанные уязвимости
github
почти 4 года назад
MQSeries 5.1 in IBM WebSphere MQ 5.1 through 5.3.1 on the HP NonStop and Tandem NSK platforms does not require mqm group membership for execution of administrative tasks, which allows local users to bypass intended access restrictions via the runmqsc program, related to "Pathway panels."
EPSS
Процентиль: 20%
0.00064
Низкий
4.6 Medium
CVSS2
Дефекты
CWE-264