CVE-2008-1592

EUVD-2008-1593
MQSeries 5.1 in IBM WebSphere MQ 5.1 through 5.3.1 on the HP NonStop and Tandem NSK platforms does not require mqm group membership for execution of administrative tasks, which allows local users to bypass intended access restrictions via the runmqsc program, related to "Pathway panels."
ProviderTypeBase ScoreAtk. VectorAtk. ComplexityPriv. RequiredVector
NISTPrimary
4.6 UNKNOWN
LOCAL
LOW
AV:L/AC:L/Au:N/C:P/I:P/A:P
Base Score
CVSS 3.x
EPSS Score
Percentile: 19%
Affected Products (NVD)
VendorProductVersion
ibmwebsphere_mq
5.1
ibmwebsphere_mq
5.3
ibmwebsphere_mq
5.3.1
𝑥
= Vulnerable software versions
Common Weakness Enumeration
References
http://secunia.com/advisories/29360
http://securitytracker.com/id?1019610
http://www-1.ibm.com/support/docview.wss?uid=swg21297035
http://www.securityfocus.com/bid/28235
http://www.vupen.com/english/advisories/2008/0869
http://secunia.com/advisories/29360
http://securitytracker.com/id?1019610
http://www-1.ibm.com/support/docview.wss?uid=swg21297035
http://www.securityfocus.com/bid/28235
http://www.vupen.com/english/advisories/2008/0869