CVE-2014-4822
Published Oct 19, 2014
Last updated 7 years ago
Overview
- Description
- IBM WebSphere MQ classes for Java libraries 8.0 before 8.0.0.1 and Websphere MQ Explorer 7.5 before 7.5.0.5 and 8.0 before 8.0.0.2 allow local users to discover preconfigured cleartext passwords via an unspecified trace operation.
- Source
- psirt@us.ibm.com
- NVD status
- Modified
Risk scores
CVSS 2.0
- Type
- Primary
- Base score
- 1.9
- Impact score
- 2.9
- Exploitability score
- 3.4
- Vector string
- AV:L/AC:M/Au:N/C:P/I:N/A:N
Weaknesses
- nvd@nist.gov
- CWE-255
Social media
- Hype score
- Not currently trending
Configurations
[
{
"nodes": [
{
"negate": false,
"cpeMatch": [
{
"criteria": "cpe:2.3:a:ibm:websphere_mq:8.0.0.0:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "153F42BE-64AE-4D38-94C1-E59EF10632A2"
},
{
"criteria": "cpe:2.3:a:ibm:websphere_mq_explorer:7.5.0.0:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "5745E231-D937-4FCC-BA85-61021D36E42A"
},
{
"criteria": "cpe:2.3:a:ibm:websphere_mq_explorer:7.5.0.1:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "DDA7219C-E8E7-41E6-B07A-13F75C796100"
},
{
"criteria": "cpe:2.3:a:ibm:websphere_mq_explorer:7.5.0.2:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "A01E3907-CE96-4D3F-9CDD-DA348CEA4EB4"
},
{
"criteria": "cpe:2.3:a:ibm:websphere_mq_explorer:7.5.0.3:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "A0B46FF7-452B-47BF-9CF9-0383043144F9"
},
{
"criteria": "cpe:2.3:a:ibm:websphere_mq_explorer:7.5.0.4:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "3C38C5A6-CBF6-4E81-9F8D-8E2A5A216653"
},
{
"criteria": "cpe:2.3:a:ibm:websphere_mq_explorer:8.0.0.0:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "D02554D0-4575-40E5-BD37-2017503C49E4"
},
{
"criteria": "cpe:2.3:a:ibm:websphere_mq_explorer:8.0.0.1:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "86259F4B-607C-44F0-B744-91763C96C120"
}
],
"operator": "OR"
}
]
}
]