PT-2016-4169 · Ibm · Ibm Messagesight

Matthias Kaiser

Publicado

2016-07-01

Atualizado

2016-07-08

CVE-2016-0375

CVSS v2.0

9.0

Alta

Vetor

AV:N/AC:L/Au:S/C:C/I:C/A:C

Name of the Vulnerable Software and Affected Versions IBM MessageSight versions 1.1.x through 1.1.0.1 IBM MessageSight versions 1.2.x through 1.2.0.3 IBM MessageSight versions 2.0.x through 2.0.0.0

Description The JMS Client in IBM MessageSight allows remote authenticated users to obtain administrator privileges for executing arbitrary commands via unspecified vectors.

Recommendations For IBM MessageSight versions 1.1.x through 1.1.0.1, update to a version outside of this range to mitigate the risk. For IBM MessageSight versions 1.2.x through 1.2.0.3, update to a version outside of this range to mitigate the risk. For IBM MessageSight versions 2.0.x through 2.0.0.0, update to a version outside of this range to mitigate the risk.

Correção

Encontrou algum problema na descrição? Tem algo a acrescentar? Fique à vontade para nos escrever 👾

dbugs@ptsecurity.com

Enumeração de Fraquezas

CWE-264

Identificadores relacionados

CVE-2016-0375

Produtos afetados

Ibm Messagesight

PT-2016-4169 · Ibm · Ibm Messagesight

CVE-2016-0375

Enumeração de Fraquezas

Identificadores relacionados

Produtos afetados

Referências · 5