CVSS: 4.7EPSS: 0%CPEs: 2EXPL: 0CVE-2017-1284
https://notcve.org/view.php?id=CVE-2017-1284
IBM WebSphere MQ 9.0.1 and 9.0.2 could allow a local user with ability to run or enable trace, to obtain sensitive information from WebSphere Application Server traces including user credentials. IBM X-Force ID: 125145. IBM WebSphere MQ 9.0.1 y 9.0.2 podría permitir a un usuario local con habilidad de ejecución o activación de rutas, obtener información sensible desde rutas de WebSphere Application Server incluidas credenciales de usuario. X-Force ID: 125145. • http://www.ibm.com/support/docview.wss?uid=swg22003851 http://www.securityfocus.com/bid/99494 https://exchange.xforce.ibmcloud.com/vulnerabilities/125145 • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •
CVSS: 8.1EPSS: 0%CPEs: 2EXPL: 0CVE-2017-1337
https://notcve.org/view.php?id=CVE-2017-1337
IBM WebSphere MQ 9.0.1 and 9.0.2 Java/JMS application can incorrectly transmit user credentials in plain text. IBM X-Force ID: 126245. La aplicación Java/JMS de WebSphere MQ versiones 9.0.1 y 9.0.2 de IBM, puede transmitir incorrectamente las credenciales de usuario en texto plano. ID de IBM X-Force: 126245. • http://www.ibm.com/support/docview.wss?uid=swg22003853 http://www.securityfocus.com/bid/99493 https://exchange.xforce.ibmcloud.com/vulnerabilities/126245 • CWE-522: Insufficiently Protected Credentials •
CVSS: 6.5EPSS: 0%CPEs: 1EXPL: 0CVE-2017-1236
https://notcve.org/view.php?id=CVE-2017-1236
IBM WebSphere MQ 9.0.2 could allow an authenticated user to potentially cause a denial of service by saving an incorrect channel status inquiry. IBM X-Force ID: 124354 IBM WebSphere MQ 9.0.2 permitiría a un usuario autenticado causar una denegación de servicio mediante el guardado del estado de investigación del canal. IBM X-Force ID: 124354 • http://www.ibm.com/support/docview.wss?uid=swg22003510 http://www.securityfocus.com/bid/99505 https://exchange.xforce.ibmcloud.com/vulnerabilities/124354 • CWE-20: Improper Input Validation •