CVE-2015-5011
published 2015-10-26CVE-2015-5011: IBM WebSphere Message Broker 8 before 8.0.0.6 and Integration Bus 9 before 9.0.0.4 do not check authorization for MQSISTARTMSGFLOW and MQSISTOPMSGFLOW…
low3.2CVSS 3.1
AVLACLAuSCNIPAP
IBM WebSphere Message Broker 8 before 8.0.0.6 and Integration Bus 9 before 9.0.0.4 do not check authorization for MQSISTARTMSGFLOW and MQSISTOPMSGFLOW commands, which allows local users to bypass intended access restrictions, and start or stop a service, by issuing a command.
Affected
10 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| ibm | integration_bus | — | — |
| ibm | integration_bus | — | — |
| ibm | integration_bus | — | — |
| ibm | integration_bus | — | — |
| ibm | websphere_message_broker | — | — |
| ibm | websphere_message_broker | — | — |
| ibm | websphere_message_broker | — | — |
| ibm | websphere_message_broker | — | — |
| ibm | websphere_message_broker | — | — |
| ibm | websphere_message_broker | — | — |