Vulnerabilities > IBM > MQ Appliance M2000

DATE CVE VULNERABILITY TITLE RISK
2016-09-02 CVE-2016-5879 Improper Input Validation vulnerability in IBM MQ Appliance Firmware 8.0
MQCLI on IBM MQ Appliance M2000 and M2001 devices allows local users to execute arbitrary shell commands via a crafted (1) Disaster Recovery or (2) High Availability command.
local
low complexity
ibm CWE-20
4.6
4.6
2016-01-03 CVE-2015-1985 Improper Access Control vulnerability in IBM MQ Appliance M2000 8.0.0.3
The queue manager on IBM MQ M2000 appliances before 8.0.0.4 allows local users to bypass an intended password requirement and read private keys by leveraging the existence of a stash file.
local
ibm CWE-284
1.9
1.9
2016-01-01 CVE-2015-7421 Information Exposure vulnerability in IBM MQ Appliance M2000 8.0.0.3
Unspecified vulnerability in GSKit on IBM MQ M2000 appliances before 8.0.0.4 allows remote attackers to obtain sensitive information via unknown vectors, a different vulnerability than CVE-2015-7420.
network
low complexity
ibm CWE-200
5.0
5.0
2016-01-01 CVE-2015-7420 Information Exposure vulnerability in IBM MQ Appliance M2000 8.0.0.3
Unspecified vulnerability in GSKit on IBM MQ M2000 appliances before 8.0.0.4 allows remote attackers to obtain sensitive information via unknown vectors, a different vulnerability than CVE-2015-7421.
network
low complexity
ibm CWE-200
5.0
5.0