VYPR

Websphere Message Broker

by IBM

CVEs (23)

  • CVE-2012-5952Feb 20, 2013
    risk 0.00cvss epss 0.01

    IBM WebSphere Message Broker 6.1 before 6.1.0.12, 7.0 before 7.0.0.6, and 8.0 before 8.0.0.2 does not validate Basic Authentication credentials before proceeding to WS-Addressing and WS-Security operations, which allows remote attackers to trigger transmission of unauthenticated…

  • CVE-2012-3317Dec 5, 2012
    risk 0.00cvss epss 0.00

    IBM WebSphere Message Broker 6.1 before 6.1.0.11, 7.0 before 7.0.0.5, and 8.0 before 8.0.0.2 has incorrect ownership of certain uninstaller Java Runtime Environment (JRE) files, which might allow local users to gain privileges by leveraging access to uid 501 or gid 300.

  • CVE-2009-0503Feb 13, 2009
    risk 0.00cvss epss 0.00

    IBM WebSphere Message Broker 6.1.x before 6.1.0.2 writes a database connection password to the Event Log and System Log during exception handling for a JDBC error, which allows local users to obtain sensitive information by reading these logs.

Page 2 of 2