CVE-2018-1974 — IBM Websphere MQ vulnerability

3 documents3 sources

Severity

7.5HIGHNVD

EPSS

0.3%

top 51.07%

CISA KEV

Not in KEV

Exploit

No known exploits

Affected products

IBM Websphere MQ IBM MQ

Timeline

PublishedMar 11

Latest updateMay 13

Description

IBM WebSphere 8.0.0.0 through 9.1.1 could allow an authenticated attacker to escalate their privileges when using multiplexed channels. IBM X-Force ID: 153915.

CVSS vector

CVSS:3.0/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:HExploitability: 1.6 | Impact: 5.9

Affected Packages2 packages

▶NVDibm/websphere_mq8.0.0.0 — 8.0.0.10+2

▶CVEListV5ibm/mq20 versions+19

Patches

Patch: www.ibm.com ↗Patch: www.ibm.com ↗

🔴Vulnerability Details

GHSA

GHSA-99jr-mh49-q38q: IBM WebSphere 8↗2022-05-13

▶

CVEList

CVE-2018-1974: IBM WebSphere 8↗2019-03-11

▶