Vulnerabilities > IBM > MQ Appliance > 9.0.2

DATE CVE VULNERABILITY TITLE RISK
2018-12-11 CVE-2018-1652 Improper Input Validation vulnerability in IBM Datapower Gateway
IBM DataPower Gateway 7.1.0.0 through 7.1.0.19, 7.2.0.0 through 7.2.0.16, 7.5.0.0 through 7.5.0.10, 7.5.1.0 through 7.5.1.9, 7.5.2.0 through 7.5.2.9, and 7.6.0.0 through 7.6.0.2 and IBM MQ Appliance 8.0.0.0 through 8.0.0.8 and 9.0.1 through 9.0.5 could allow a local user to cause a denial of service through unknown vectors.
local
low complexity
ibm CWE-20
5.5
5.5
2018-03-23 CVE-2018-1429 Cross-site Scripting vulnerability in IBM MQ Appliance
IBM MQ Appliance 9.0.1, 9.0.2, 9.0.3, amd 9.0.4 is vulnerable to cross-site scripting.
network
low complexity
ibm CWE-79
5.4
5.4
2017-07-18 CVE-2017-1318 OS Command Injection vulnerability in IBM MQ Appliance
IBM MQ Appliance 8.0 and 9.0 could allow an authenticated messaging administrator to execute arbitrary commands on the system, caused by command execution.
network
low complexity
ibm CWE-78
8.8
8.8