CVE-2014-4822 — IBM Websphere MQ vulnerability

CWE-2553 documents3 sources

Severity

1.9LOWNVD

EPSS

0.1%

top 84.73%

CISA KEV

Not in KEV

Exploit

No known exploits

Affected products

IBM Websphere MQ IBM Websphere MQ Explorer

Timeline

PublishedOct 19

Latest updateMay 17

Description

IBM WebSphere MQ classes for Java libraries 8.0 before 8.0.0.1 and Websphere MQ Explorer 7.5 before 7.5.0.5 and 8.0 before 8.0.0.2 allow local users to discover preconfigured cleartext passwords via an unspecified trace operation.

CVSS vector

AV:L/AC:M/C:P/I:N/A:NExploitability: 3.4 | Impact: 2.9

Affected Packages2 packages

▶NVDibm/websphere_mq_explorer7 versions+6

▶NVDibm/websphere_mq8.0.0.0

🔴Vulnerability Details

GHSA

GHSA-rrg8-jw47-hmq2: IBM WebSphere MQ classes for Java libraries 8↗2022-05-17

▶

CVEList

CVE-2014-4822: IBM WebSphere MQ classes for Java libraries 8↗2014-10-19

▶