4 results (0.002 seconds)

CVSS: 8.8EPSS: 0%CPEs: 3EXPL: 0

MQCLI on IBM MQ Appliance M2000 and M2001 devices allows local users to execute arbitrary shell commands via a crafted (1) Disaster Recovery or (2) High Availability command. MQCLI en dispositivos IBM MQ Appliance M2000 y M2001 permite a usuarios locales ejecutar comandos shell arbitrarios a través de un comando (1) Disaster Recovery o (2) High Availability manipulado . • http://www-01.ibm.com/support/docview.wss?uid=swg1IT16174 http://www-01.ibm.com/support/docview.wss?uid=swg21987697 http://www.securityfocus.com/bid/92538 • CWE-20: Improper Input Validation •

CVSS: 5.6EPSS: 0%CPEs: 1EXPL: 0

The queue manager on IBM MQ M2000 appliances before 8.0.0.4 allows local users to bypass an intended password requirement and read private keys by leveraging the existence of a stash file. El gestor de colas en dispositivos IBM MQ M2000 en versiones anteriores a 8.0.0.4 permite a usuarios locales eludir el requisito destinado a la contraseña y leer claves privadas aprovechando la existencia de un archivo stash. • http://www-01.ibm.com/support/docview.wss?uid=swg21971445 • CWE-284: Improper Access Control •

CVSS: 5.0EPSS: 0%CPEs: 1EXPL: 0

Unspecified vulnerability in GSKit on IBM MQ M2000 appliances before 8.0.0.4 allows remote attackers to obtain sensitive information via unknown vectors, a different vulnerability than CVE-2015-7420. Vulnerabilidad no especificada en GSKit en dispositivos IBM MQ M2000 en versiones anteriores a 8.0.0.4 permite a atacantes remotos obtener información sensible a través de vectores desconocidos, una vulnerabilidad diferente a CVE-2015-7420. • http://www-01.ibm.com/support/docview.wss?uid=isg3T1023277 http://www-01.ibm.com/support/docview.wss?uid=swg21971500 http://www.securityfocus.com/bid/82303 http://www.securitytracker.com/id/1034846 • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •

CVSS: 5.0EPSS: 0%CPEs: 1EXPL: 0

Unspecified vulnerability in GSKit on IBM MQ M2000 appliances before 8.0.0.4 allows remote attackers to obtain sensitive information via unknown vectors, a different vulnerability than CVE-2015-7421. Vulnerabilidad no especificada en GSKit en dispositivos IBM MQ M2000 en versiones anteriores a 8.0.0.4 permite a atacantes remotos obtener información sensible a través de vectores desconocidos, una vulnerabilidad diferente a CVE-2015-7421. • http://www-01.ibm.com/support/docview.wss?uid=isg3T1023277 http://www-01.ibm.com/support/docview.wss?uid=swg21971500 http://www.securityfocus.com/bid/82301 http://www.securitytracker.com/id/1034846 • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •