Oval Definition:	oval:org.cisecurity:def:1825
Revision Date: 2017-03-10 Version: 6 Title: Vulnerability in MQXR service in WMQ Telemetry in IBM WebSphere MQ 7.1 before 7.1.0.7, 7.5 through 7.5.0.5, and 8.0 before 8.0.0.4 – CVE-2015-2012 Description: The MQXR service in WMQ Telemetry in IBM WebSphere MQ 7.1 before 7.1.0.7, 7.5 through 7.5.0.5, and 8.0 before 8.0.0.4 uses world-readable permissions for a cleartext file containing the SSL keystore password, which allows local users to obtain sensitive information by reading this file. Family: windows Class: vulnerability Status: ACCEPTED Reference(s): CVE-2015-2012 Platform(s): Microsoft Windows 10 Microsoft Windows 7 Microsoft Windows 8 Microsoft Windows 8.1 Microsoft Windows Server 2008 Microsoft Windows Server 2008 R2 Microsoft Windows Server 2012 Microsoft Windows Server 2012 R2 Microsoft Windows Server 2016 Microsoft Windows Vista Product(s): IBM WebSphere MQ Definition Synopsis IBM WebSphere MQ is installed AND Affected Versions IBM WebSphere MQ 7.1 Check if IBM WebSphere MQ version is greater than or equal to 7.1.0.0 AND Check if IBM WebSphere MQ version is less than to 7.1.0.7 OR IBM WebSphere MQ 7.5 Check if IBM WebSphere MQ version is greater than or equal to 7.5.0.0 AND Check if IBM WebSphere MQ version is less than to 7.5.0.6 OR IBM WebSphere MQ 8.0 Check if IBM WebSphere MQ version is greater than or equal to 8.0.0.0 AND Check if IBM WebSphere MQ version is less than to 8.0.0.4
BACK