| Revision Date: | 2017-03-10 | Version: | 6 |
| Title: | Vulnerability in MQXR service in WMQ Telemetry in IBM WebSphere MQ 7.1 before 7.1.0.7, 7.5 through 7.5.0.5, and 8.0 before 8.0.0.4 – CVE-2015-2012 |
| Description: | The MQXR service in WMQ Telemetry in IBM WebSphere MQ 7.1 before 7.1.0.7, 7.5 through 7.5.0.5, and 8.0 before 8.0.0.4 uses world-readable permissions for a cleartext file containing the SSL keystore password, which allows local users to obtain sensitive information by reading this file. |
| Family: | windows | Class: | vulnerability |
| Status: | ACCEPTED | Reference(s): | CVE-2015-2012
|
| Platform(s): | Microsoft Windows 10
Microsoft Windows 7
Microsoft Windows 8
Microsoft Windows 8.1
Microsoft Windows Server 2008
Microsoft Windows Server 2008 R2
Microsoft Windows Server 2012
Microsoft Windows Server 2012 R2
Microsoft Windows Server 2016
Microsoft Windows Vista
| Product(s): | IBM WebSphere MQ
|
| Definition Synopsis |
| IBM WebSphere MQ is installed AND Affected Versions
IBM WebSphere MQ 7.1
Check if IBM WebSphere MQ version is greater than or equal to 7.1.0.0
AND Check if IBM WebSphere MQ version is less than to 7.1.0.7
OR IBM WebSphere MQ 7.5
Check if IBM WebSphere MQ version is greater than or equal to 7.5.0.0
AND Check if IBM WebSphere MQ version is less than to 7.5.0.6
OR IBM WebSphere MQ 8.0
Check if IBM WebSphere MQ version is greater than or equal to 8.0.0.0
AND Check if IBM WebSphere MQ version is less than to 8.0.0.4
|