CVSS: 6.5EPSS: 0%CPEs: 7EXPL: 0CVE-2017-1235
https://notcve.org/view.php?id=CVE-2017-1235
IBM WebSphere MQ 8.0 could allow an authenticated user to cause a premature termination of a client application thread which could potentially cause denial of service. IBM X-Force ID: 123914. La versión 8.0 de IBM WebSphere MQ podría permitir que un usuario autenticado finalice de manera prematura un hilo de la aplicación cliente, lo que podría provocar una denegación de servicio. IBM X-Force ID: 123914. • http://www.ibm.com/support/docview.wss?uid=swg22005415 http://www.securityfocus.com/bid/100955 https://exchange.xforce.ibmcloud.com/vulnerabilities/123914 •
CVSS: 7.5EPSS: 0%CPEs: 2EXPL: 0CVE-2017-1118
https://notcve.org/view.php?id=CVE-2017-1118
IBM WebSphere MQ Internet Pass-Thru 2.0 and 2.1 could allow n attacker to cause the MQIPT to stop responding due to an incorrectly configured security policy. IBM X-Force ID: 121156. BM WebSphere MQ Internet Pass-Thru 2.0 y 2.1 podría permitir que un atacante haga que MQIPT deje de responder por una política de seguridad configurada incorrectamente. IBM X-Force ID: 121156. • http://www.ibm.com/support/docview.wss?uid=swg22006580 http://www.securityfocus.com/bid/100021 https://exchange.xforce.ibmcloud.com/vulnerabilities/121156 •
CVSS: 6.5EPSS: 0%CPEs: 2EXPL: 0CVE-2017-1285
https://notcve.org/view.php?id=CVE-2017-1285
IBM WebSphere MQ 9.0.1 and 9.0.2 could allow an authenticated user with authority to send a specially crafted message that would cause a channel to remain in a running state but not process messages. IBM X-Force ID: 125146. IBM WebSphere MQ 9.0.1 y 9.0.2 podría permitir a un usuario autenticado con autoridad para enviar mensajes especialmente manipulados que causarían que un canal permaneciese en un estado de ejecución pero no procesaría mensajes. IBM X-Force ID: 125146. • http://www.securityfocus.com/bid/99538 https://exchange.xforce.ibmcloud.com/vulnerabilities/125146 https://www.ibm.com/support/docview.wss?uid=swg22003856 • CWE-20: Improper Input Validation •
CVSS: 8.1EPSS: 0%CPEs: 2EXPL: 0CVE-2017-1337
https://notcve.org/view.php?id=CVE-2017-1337
IBM WebSphere MQ 9.0.1 and 9.0.2 Java/JMS application can incorrectly transmit user credentials in plain text. IBM X-Force ID: 126245. La aplicación Java/JMS de WebSphere MQ versiones 9.0.1 y 9.0.2 de IBM, puede transmitir incorrectamente las credenciales de usuario en texto plano. ID de IBM X-Force: 126245. • http://www.ibm.com/support/docview.wss?uid=swg22003853 http://www.securityfocus.com/bid/99493 https://exchange.xforce.ibmcloud.com/vulnerabilities/126245 • CWE-522: Insufficiently Protected Credentials •
CVSS: 4.7EPSS: 0%CPEs: 2EXPL: 0CVE-2017-1284
https://notcve.org/view.php?id=CVE-2017-1284
IBM WebSphere MQ 9.0.1 and 9.0.2 could allow a local user with ability to run or enable trace, to obtain sensitive information from WebSphere Application Server traces including user credentials. IBM X-Force ID: 125145. IBM WebSphere MQ 9.0.1 y 9.0.2 podría permitir a un usuario local con habilidad de ejecución o activación de rutas, obtener información sensible desde rutas de WebSphere Application Server incluidas credenciales de usuario. X-Force ID: 125145. • http://www.ibm.com/support/docview.wss?uid=swg22003851 http://www.securityfocus.com/bid/99494 https://exchange.xforce.ibmcloud.com/vulnerabilities/125145 • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •