PT-2019-16887 · Ibm · Ibm Websphere Mq

Published

2019-05-23

Updated

2022-12-09

CVE-2019-4078

CVSS v3.1

7.8

High

Vector

AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

Name of the Vulnerable Software and Affected Versions IBM WebSphere MQ versions 8.0.0.0 through 8.0.0.9 IBM WebSphere MQ versions 9.0.0.0 through 9.1.1

Description The issue allows a local non-privileged user to execute code as an administrator due to incorrect permissions set on MQ installation directories.

Recommendations For IBM WebSphere MQ versions 8.0.0.0 through 8.0.0.9, update the permissions on MQ installation directories to prevent local non-privileged users from executing code as an administrator. For IBM WebSphere MQ versions 9.0.0.0 through 9.1.1, update the permissions on MQ installation directories to prevent local non-privileged users from executing code as an administrator.

Fix

Incorrect Permission

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-732

Related Identifiers

CVE-2019-4078

Affected Products

Ibm Websphere Mq

PT-2019-16887 · Ibm · Ibm Websphere Mq

CVE-2019-4078

Weakness Enumeration

Related Identifiers

Affected Products

References · 4