NotCVE - vendor:"Ibm" product:"Websphere Mq" version:" >= 8.0.0.0 <= 8.0.0.10"

Page 4 of 44 results (0.001 seconds)

CVSS: 6.5EPSS: 0%CPEs: 7EXPL: 0

CVE-2016-8986

https://notcve.org/view.php?id=CVE-2016-8986

22 Feb 2017 — IBM WebSphere MQ 8.0 could allow an authenticated user with access to the queue manager to bring down MQ channels using specially crafted HTTP requests. IBM Reference #: 1998648. IBM WebSphere MQ 8.0 podría permitir a un usuario autenticado con acceso al gestor de colas derribar canales MQ utilizando peticiones HTTP especialmente manipuladas. IBM Reference #: 1998648. • http://www.ibm.com/support/docview.wss?uid=swg21998648 • CWE-284: Improper Access Control •

CVSS: 3.5EPSS: 0%CPEs: 12EXPL: 0

CVE-2016-0379

https://notcve.org/view.php?id=CVE-2016-0379

26 Sep 2016 — IBM WebSphere MQ 7.5 before 7.5.0.7 and 8.0 before 8.0.0.5 mishandles protocol flows, which allows remote authenticated users to cause a denial of service (channel outage) by leveraging queue-manager rights. IBM WebSphere MQ 7.5 en versiones anteriores a 7.5.0.7 y 8.0 en versiones anteriores a 8.0.0.5 no maneja correctamente flujos de protocolo, lo que permite a usuarios remotos autenticados provocar una denegación de servicio (corte de canal) aprovechando derechos del gestor de cola. • http://www-01.ibm.com/support/docview.wss?uid=swg21984565 • CWE-19: Data Processing Errors •

CVSS: 7.5EPSS: 0%CPEs: 5EXPL: 0

CVE-2016-0260

https://notcve.org/view.php?id=CVE-2016-0260

29 Jun 2016 — Memory leak in queue-manager agents in IBM WebSphere MQ 8.x before 8.0.0.5 allows remote attackers to cause a denial of service (heap memory consumption) by triggering many errors. Fuga de memoria en agentes de gestión de cola en IBM WebSphere MQ 8.x en versiones anteriores a 8.0.0.5 permite a atacantes remotos provocar una denegación de servicio (consumo de memoria dinámica) desencadenando muchos errores. • http://www-01.ibm.com/support/docview.wss?uid=swg21984564 • CWE-399: Resource Management Errors •

CVSS: 2.5EPSS: 0%CPEs: 4EXPL: 0

CVE-2015-7473

https://notcve.org/view.php?id=CVE-2015-7473

26 Jun 2016 — runmqsc in IBM WebSphere MQ 8.x before 8.0.0.5 allows local users to bypass intended queue-manager command access restrictions by leveraging authority for +connect and +dsp. runmqsc en IBM WebSphere MQ 8.x en versiones anteriores a 8.0.0.5 permite a usuarios locales eludir las restricciones de acceso de comandos destinados al gestor de colas aprovechando la autoridad para +connect y +dsp. • http://www-01.ibm.com/support/docview.wss?uid=swg21984555 • CWE-284: Improper Access Control •

CVSS: 2.5EPSS: 0%CPEs: 4EXPL: 0

CVE-2016-0259

https://notcve.org/view.php?id=CVE-2016-0259

26 Jun 2016 — runmqsc in IBM WebSphere MQ 8.x before 8.0.0.5 allows local users to bypass an intended +dsp authority requirement and obtain sensitive information via unspecified display commands. runmqsc en IBM WebSphere MQ 8.x en versiones anteriores a 8.0.0.5 permite a usuarios locales eludir un requisito de autoridad +dsp destinado y obtener información sensible a través de comandos de pantalla no especificados. • http://www-01.ibm.com/support/docview.wss?uid=swg21984561 • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •

CVSS: 4.4EPSS: 0%CPEs: 1EXPL: 0

CVE-2015-7462

https://notcve.org/view.php?id=CVE-2015-7462

19 Jun 2016 — IBM WebSphere MQ 8.0.0.4 on IBM i platforms allows local users to discover cleartext certificate-keystore passwords within MQ trace output by leveraging administrator privileges to execute the mqcertck program. IBM WebSphere MQ 8.0.0.4 en plataformas IBM i permite a usuarios locales descubrir contraseñas de certificado de almacén de claves en texto plano dentro de la salida de rastreo MQ aprovechando privilegios administrativos para el ejecutar el programa mqcertck. • http://www-01.ibm.com/support/docview.wss?uid=swg21984557 • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor CWE-255: Credentials Management Errors •

CVSS: 4.0EPSS: 0%CPEs: 13EXPL: 0

CVE-2015-2012

https://notcve.org/view.php?id=CVE-2015-2012

08 Feb 2016 — The MQXR service in WMQ Telemetry in IBM WebSphere MQ 7.1 before 7.1.0.7, 7.5 through 7.5.0.5, and 8.0 before 8.0.0.4 uses world-readable permissions for a cleartext file containing the SSL keystore password, which allows local users to obtain sensitive information by reading this file. El servicio MQXR en WMQ Telemetry en IBM WebSphere MQ 7.1 en versiones anteriores a 7.1.0.7, 7.5 hasta la versión 7.5.0.5 y 8.0 en versiones anteriores a 8.0.0.4 utiliza permisos de lectura para todos para un archivo de text... • http://www-01.ibm.com/support/docview.wss?uid=swg1IT09866 • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor CWE-255: Credentials Management Errors •

CVSS: 5.9EPSS: 0%CPEs: 1EXPL: 0

CVE-2015-1967

https://notcve.org/view.php?id=CVE-2015-1967

01 Jul 2015 — MQ Explorer in IBM WebSphere MQ before 8.0.0.3 does not recognize the absence of the compatibility-mode option, which allows remote attackers to obtain sensitive information by sniffing the network for a session in which TLS is not used. MQ Explorer en IBM WebSphere MQ anterior a 8.0.0.3 no reconoce la ausencia de la opción del modo de compatibilidad, lo que permite a atacantes remotos obtener información sensible mediante la captura de trafico de la red para una sesión en la que no se utiliza TLS. • http://www-01.ibm.com/support/docview.wss?uid=swg21960491 • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •

CVSS: 4.9EPSS: 0%CPEs: 7EXPL: 0

CVE-2015-0189

https://notcve.org/view.php?id=CVE-2015-0189

20 May 2015 — The cluster repository manager in IBM WebSphere MQ 7.5 before 7.5.0.5 and 8.0 before 8.0.0.2 allows remote authenticated administrators to cause a denial of service (memory overwrite and daemon outage) by triggering multiple transmit-queue records. El gestor del repositorio de clusters en IBM WebSphere MQ 7.5 anterior a 7.5.0.5 y 8.0 anterior a 8.0.0.2 permite a administradores remotos autenticados causar una denegación de servicio (sobrescritura de memoria y interrupción de demonio) mediante le provocación... • http://www-01.ibm.com/support/docview.wss?uid=swg1IT05869 • CWE-399: Resource Management Errors •

CVSS: 6.1EPSS: 0%CPEs: 3EXPL: 0

CVE-2015-0176

https://notcve.org/view.php?id=CVE-2015-0176

27 Apr 2015 — Cross-site scripting (XSS) vulnerability in MQ XR WebSockets Listener in WMQ Telemetry in IBM WebSphere MQ 8.0 before 8.0.0.2 allows remote attackers to inject arbitrary web script or HTML via a crafted URI that is included in an error response. Vulnerabilidad de XSS en MQ XR WebSockets Listener en WMQ Telemetry en IBM WebSphere MQ 8.0 anterior a 8.0.0.2 permite a atacantes remotos inyectar secuencias de comandos web arbitrarios o HTML a través de una URI manipulada que está incluida en una respuesta de err... • http://www-01.ibm.com/support/docview.wss?uid=swg21699549 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •

1 2 3 4 5