IBM Security Bulletin: Invalid user group vulnerability in IBM MQ on Unix platform(CVE-2018-1551)
IBM MQ could allow users to have more authority than they should have if an MQ administrator creates an invalid user group name.
CVE(s): CVE-2018-1551
Affected product(s) and affected version(s):
IBM MQ v8.0.0.2 to 8.0.0.8
IBM MQ 9.0.0.0 to 9.0.0.3
Refer to the following reference URLs for remediation and additional vulnerability details:
Source Bulletin: https://www-01.ibm.com/support/docview.wss?uid=ibm10716113
X-Force Database: https://exchange.xforce.ibmcloud.com/vulnerabilities/142888
The post IBM Security Bulletin: Invalid user group vulnerability in IBM MQ on Unix platform(CVE-2018-1551) appeared first on IBM PSIRT Blog.
from IBM Product Security Incident Response Team https://ift.tt/2ADH5qj