PT-2018-5625 · Ibm · Ibm Websphere Message Broker+1
Published
2018-11-26
·
Updated
2019-10-09
·
CVE-2017-1418
CVSS v3.1
5.5
Medium
| Vector | AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N |
Name of the Vulnerable Software and Affected Versions:
IBM Integration Bus versions 9.0.0.0 through 9.0.0.11
IBM Integration Bus versions 10.0.0.0 through 10.0.0.14
IBM WebSphere Message Broker version 8.0.0.0
IBM WebSphere Message Broker version 8.0.0.9
Description:
The issue is related to insecure permissions on certain files, which could be exploited by a local attacker to modify or delete these files. The impact of such actions is unknown.
Recommendations:
For IBM Integration Bus versions 9.0.0.0 through 9.0.0.11, update the file permissions to prevent unauthorized access.
For IBM Integration Bus versions 10.0.0.0 through 10.0.0.14, update the file permissions to prevent unauthorized access.
For IBM WebSphere Message Broker version 8.0.0.0, update the file permissions to prevent unauthorized access.
For IBM WebSphere Message Broker version 8.0.0.9, update the file permissions to prevent unauthorized access.
Fix
Found an issue in the description? Have something to add? Feel free to write us 👾
Weakness Enumeration
Related Identifiers
Affected Products
Ibm Integration Bus
Ibm Websphere Message Broker