CVSS: 9.0EPSS: 0%CPEs: 9EXPL: 0CVE-2017-1318
https://notcve.org/view.php?id=CVE-2017-1318
IBM MQ Appliance 8.0 and 9.0 could allow an authenticated messaging administrator to execute arbitrary commands on the system, caused by command execution. IBM X-Force ID: 125730. IBM MQ Appliance versiones 8.0 y 9.0, podría permitir a un administrador de mensajería autenticado ejecutar comandos arbitrarios sobre el sistema, causado ??por la ejecución de comandos. ID de IBM X-Force: 125730. • http://www.ibm.com/support/docview.wss?uid=swg22003815 http://www.securityfocus.com/bid/99594 https://exchange.xforce.ibmcloud.com/vulnerabilities/125730 • CWE-78: Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection') •
CVSS: 8.8EPSS: 0%CPEs: 3EXPL: 0CVE-2016-5879
https://notcve.org/view.php?id=CVE-2016-5879
MQCLI on IBM MQ Appliance M2000 and M2001 devices allows local users to execute arbitrary shell commands via a crafted (1) Disaster Recovery or (2) High Availability command. MQCLI en dispositivos IBM MQ Appliance M2000 y M2001 permite a usuarios locales ejecutar comandos shell arbitrarios a través de un comando (1) Disaster Recovery o (2) High Availability manipulado . • http://www-01.ibm.com/support/docview.wss?uid=swg1IT16174 http://www-01.ibm.com/support/docview.wss?uid=swg21987697 http://www.securityfocus.com/bid/92538 • CWE-20: Improper Input Validation •
CVSS: 5.6EPSS: 0%CPEs: 1EXPL: 0CVE-2015-1985
https://notcve.org/view.php?id=CVE-2015-1985
The queue manager on IBM MQ M2000 appliances before 8.0.0.4 allows local users to bypass an intended password requirement and read private keys by leveraging the existence of a stash file. El gestor de colas en dispositivos IBM MQ M2000 en versiones anteriores a 8.0.0.4 permite a usuarios locales eludir el requisito destinado a la contraseña y leer claves privadas aprovechando la existencia de un archivo stash. • http://www-01.ibm.com/support/docview.wss?uid=swg21971445 • CWE-284: Improper Access Control •
CVSS: 5.0EPSS: 0%CPEs: 1EXPL: 0CVE-2015-7421
https://notcve.org/view.php?id=CVE-2015-7421
Unspecified vulnerability in GSKit on IBM MQ M2000 appliances before 8.0.0.4 allows remote attackers to obtain sensitive information via unknown vectors, a different vulnerability than CVE-2015-7420. Vulnerabilidad no especificada en GSKit en dispositivos IBM MQ M2000 en versiones anteriores a 8.0.0.4 permite a atacantes remotos obtener información sensible a través de vectores desconocidos, una vulnerabilidad diferente a CVE-2015-7420. • http://www-01.ibm.com/support/docview.wss?uid=isg3T1023277 http://www-01.ibm.com/support/docview.wss?uid=swg21971500 http://www.securityfocus.com/bid/82303 http://www.securitytracker.com/id/1034846 • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •
CVSS: 5.0EPSS: 0%CPEs: 1EXPL: 0CVE-2015-7420
https://notcve.org/view.php?id=CVE-2015-7420
Unspecified vulnerability in GSKit on IBM MQ M2000 appliances before 8.0.0.4 allows remote attackers to obtain sensitive information via unknown vectors, a different vulnerability than CVE-2015-7421. Vulnerabilidad no especificada en GSKit en dispositivos IBM MQ M2000 en versiones anteriores a 8.0.0.4 permite a atacantes remotos obtener información sensible a través de vectores desconocidos, una vulnerabilidad diferente a CVE-2015-7421. • http://www-01.ibm.com/support/docview.wss?uid=isg3T1023277 http://www-01.ibm.com/support/docview.wss?uid=swg21971500 http://www.securityfocus.com/bid/82301 http://www.securitytracker.com/id/1034846 • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •