IBM Security Bulletin: IBM WebSphere MQ is affected by a privilege escalation vulnerability (CVE-2017-1612)

IBM WebSphere MQ has addressed the following vulnerability. An undocumented environment variable intended for use by IBM support could be used to execute untrusted code as the ‘mqm’ user.

CVE(s): CVE-2017-1612

Affected product(s) and affected version(s):

Refer to the following reference URLs for remediation and additional vulnerability details:
Source Bulletin: http://ift.tt/2qnX5HV
X-Force Database: http://ift.tt/2lTvDgz

The post IBM Security Bulletin: IBM WebSphere MQ is affected by a privilege escalation vulnerability (CVE-2017-1612) appeared first on IBM PSIRT Blog.

| Product | Affected Versions |
|---|---|
| IBM WebSphere MQ | 7.0.1.0 – 7.0.1.14 |
| IBM WebSphere MQ | 7.1.0.0 – 7.1.0.8 |
| IBM WebSphere MQ | 7.5.0.0 – 7.5.0.8 |
| IBM MQ | 8.0.0.0 – 8.0.0.7 |
| IBM MQ (LTS) | 9.0.0.0 – 9.0.0.1 |
| IBM MQ (CD) | 9.0.1.0 – 9.0.3.0 |


from IBM Product Security Incident Response Team http://ift.tt/2qlQy0v