CVE-2017-1341

Опубликовано: 07 дек. 2017

Источник: nvd

CVSS3: 3.7

CVSS2: 4.3

EPSS Низкий

Описание

IBM WebSphere MQ 8.0 and 9.0 could allow, under special circumstances, an unauthorized user to access an object which they should have been denied access. IBM X-Force ID: 126456.

Ссылки

http://www.ibm.com/support/docview.wss?uid=swg22005400
Issue Tracking
Vendor Advisory
http://www.securityfocus.com/bid/102042
Third Party Advisory
VDB Entry
https://exchange.xforce.ibmcloud.com/vulnerabilities/126456
Issue Tracking
VDB Entry
Vendor Advisory
http://www.ibm.com/support/docview.wss?uid=swg22005400
Issue Tracking
Vendor Advisory
http://www.securityfocus.com/bid/102042
Third Party Advisory
VDB Entry
https://exchange.xforce.ibmcloud.com/vulnerabilities/126456
Issue Tracking
VDB Entry
Vendor Advisory

Уязвимые конфигурации

Конфигурация 1

Одно из

cpe:2.3:a:ibm:websphere_mq:8.0.0.1:*:*:*:*:*:*:*

cpe:2.3:a:ibm:websphere_mq:8.0.0.2:*:*:*:*:*:*:*

cpe:2.3:a:ibm:websphere_mq:8.0.0.3:*:*:*:*:*:*:*

cpe:2.3:a:ibm:websphere_mq:8.0.0.4:*:*:*:*:*:*:*

cpe:2.3:a:ibm:websphere_mq:8.0.0.5:*:*:*:*:*:*:*

cpe:2.3:a:ibm:websphere_mq:8.0.0.6:*:*:*:*:*:*:*

cpe:2.3:a:ibm:websphere_mq:8.0.0.7:*:*:*:*:*:*:*

cpe:2.3:a:ibm:websphere_mq:9.0:*:*:*:*:*:*:*

cpe:2.3:a:ibm:websphere_mq:9.0.0.1:*:*:*:*:*:*:*

cpe:2.3:a:ibm:websphere_mq:9.0.1:*:*:*:*:*:*:*

cpe:2.3:a:ibm:websphere_mq:9.0.2:*:*:*:*:*:*:*

cpe:2.3:a:ibm:websphere_mq:9.0.3:*:*:*:*:*:*:*

EPSS

Процентиль: 42%

0.00198

Низкий

3.7 Low

CVSS3

4.3 Medium

CVSS2

Дефекты

NVD-CWE-noinfo

Связанные уязвимости

GHSA-rwch-8ppj-xj9q