CVSS: 6.5EPSS: 0%CPEs: 7EXPL: 0CVE-2017-1235
https://notcve.org/view.php?id=CVE-2017-1235
IBM WebSphere MQ 8.0 could allow an authenticated user to cause a premature termination of a client application thread which could potentially cause denial of service. IBM X-Force ID: 123914. La versión 8.0 de IBM WebSphere MQ podría permitir que un usuario autenticado finalice de manera prematura un hilo de la aplicación cliente, lo que podría provocar una denegación de servicio. IBM X-Force ID: 123914. • http://www.ibm.com/support/docview.wss?uid=swg22005415 http://www.securityfocus.com/bid/100955 https://exchange.xforce.ibmcloud.com/vulnerabilities/123914 •
CVSS: 7.5EPSS: 0%CPEs: 2EXPL: 0CVE-2017-1118
https://notcve.org/view.php?id=CVE-2017-1118
IBM WebSphere MQ Internet Pass-Thru 2.0 and 2.1 could allow n attacker to cause the MQIPT to stop responding due to an incorrectly configured security policy. IBM X-Force ID: 121156. BM WebSphere MQ Internet Pass-Thru 2.0 y 2.1 podría permitir que un atacante haga que MQIPT deje de responder por una política de seguridad configurada incorrectamente. IBM X-Force ID: 121156. • http://www.ibm.com/support/docview.wss?uid=swg22006580 http://www.securityfocus.com/bid/100021 https://exchange.xforce.ibmcloud.com/vulnerabilities/121156 •
CVSS: 9.0EPSS: 0%CPEs: 9EXPL: 0CVE-2017-1318
https://notcve.org/view.php?id=CVE-2017-1318
IBM MQ Appliance 8.0 and 9.0 could allow an authenticated messaging administrator to execute arbitrary commands on the system, caused by command execution. IBM X-Force ID: 125730. IBM MQ Appliance versiones 8.0 y 9.0, podría permitir a un administrador de mensajería autenticado ejecutar comandos arbitrarios sobre el sistema, causado ??por la ejecución de comandos. ID de IBM X-Force: 125730. • http://www.ibm.com/support/docview.wss?uid=swg22003815 http://www.securityfocus.com/bid/99594 https://exchange.xforce.ibmcloud.com/vulnerabilities/125730 • CWE-78: Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection') •
CVSS: 6.5EPSS: 0%CPEs: 2EXPL: 0CVE-2017-1285
https://notcve.org/view.php?id=CVE-2017-1285
IBM WebSphere MQ 9.0.1 and 9.0.2 could allow an authenticated user with authority to send a specially crafted message that would cause a channel to remain in a running state but not process messages. IBM X-Force ID: 125146. IBM WebSphere MQ 9.0.1 y 9.0.2 podría permitir a un usuario autenticado con autoridad para enviar mensajes especialmente manipulados que causarían que un canal permaneciese en un estado de ejecución pero no procesaría mensajes. IBM X-Force ID: 125146. • http://www.securityfocus.com/bid/99538 https://exchange.xforce.ibmcloud.com/vulnerabilities/125146 https://www.ibm.com/support/docview.wss?uid=swg22003856 • CWE-20: Improper Input Validation •
CVSS: 8.1EPSS: 0%CPEs: 2EXPL: 0CVE-2017-1337
https://notcve.org/view.php?id=CVE-2017-1337
IBM WebSphere MQ 9.0.1 and 9.0.2 Java/JMS application can incorrectly transmit user credentials in plain text. IBM X-Force ID: 126245. La aplicación Java/JMS de WebSphere MQ versiones 9.0.1 y 9.0.2 de IBM, puede transmitir incorrectamente las credenciales de usuario en texto plano. ID de IBM X-Force: 126245. • http://www.ibm.com/support/docview.wss?uid=swg22003853 http://www.securityfocus.com/bid/99493 https://exchange.xforce.ibmcloud.com/vulnerabilities/126245 • CWE-522: Insufficiently Protected Credentials •