CVE-2008-1592

high

Description

MQSeries 5.1 in IBM WebSphere MQ 5.1 through 5.3.1 on the HP NonStop and Tandem NSK platforms does not require mqm group membership for execution of administrative tasks, which allows local users to bypass intended access restrictions via the runmqsc program, related to "Pathway panels."

References

http://www.vupen.com/english/advisories/2008/0869

http://www.securityfocus.com/bid/28235

http://www-1.ibm.com/support/docview.wss?uid=swg21297035

http://securitytracker.com/id?1019610

http://secunia.com/advisories/29360

Details

Source: Mitre, NVD

Published: 2008-03-31

Updated: 2026-06-16

Risk Information

CVSS v2

Base Score: 4.6

Vector: CVSS2#AV:L/AC:L/Au:N/C:P/I:P/A:P

Severity: Medium

CVSS v3

Base Score: 7.8

Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

Severity: High

EPSS

EPSS: 0.00064