CVE-2018-1551
Summary
| CVE | CVE-2018-1551 |
|---|---|
| State | PUBLIC |
| Assigner | [email protected] |
| Source Priority | CVE Program / NVD first with legacy fallback |
| Published | 2018-08-06 14:29:00 UTC |
| Updated | 2019-10-09 23:38:00 UTC |
| Description | IBM WebSphere MQ 8.0.0.2 through 8.0.0.8 and 9.0.0.0 through 9.0.0.3 could allow users to have more authority than they should have if an MQ administrator creates an invalid user group name. IBM X-Force ID: 142888. |
Risk And Classification
Problem Types: CWE-732
NVD Known Affected Configurations (CPE 2.3)
| Type | Vendor | Product | Version | Update | Edition | Language |
|---|---|---|---|---|---|---|
| Application | Ibm | Websphere Mq | All | All | All | All |
| Application | Ibm | Websphere Mq | All | All | All | All |
References
| Reference | Source | Link | Tags |
|---|---|---|---|
| IBM MQ CVE-2018-1551 Security Bypass Vulnerability | BID | www.securityfocus.com | Third Party Advisory, VDB Entry |
| IBM X-Force Exchange | XF | exchange.xforce.ibmcloud.com | VDB Entry, Vendor Advisory |
| IBM Security Bulletin: Invalid user group vulnerability in IBM MQ on Unix platform(CVE-2018-1551) | CONFIRM | www.ibm.com | Vendor Advisory |
| CVE Program record | CVE.ORG | www.cve.org | canonical |
| NVD vulnerability detail | NVD | nvd.nist.gov | canonical, analysis |
No vendor comments have been submitted for this CVE.
There are currently no legacy QID mappings associated with this CVE.