{"resultsPerPage":1,"startIndex":0,"totalResults":1,"format":"NVD_CVE","version":"2.0","timestamp":"2026-06-02T02:29:27.438","vulnerabilities":[{"cve":{"id":"CVE-2018-1551","sourceIdentifier":"psirt@us.ibm.com","published":"2018-08-06T14:29:00.717","lastModified":"2024-11-21T04:00:00.117","vulnStatus":"Modified","cveTags":[],"descriptions":[{"lang":"en","value":"IBM WebSphere MQ 8.0.0.2 through 8.0.0.8 and 9.0.0.0 through 9.0.0.3 could allow users to have more authority than they should have if an MQ administrator creates an invalid user group name. IBM X-Force ID: 142888."},{"lang":"es","value":"IBM WebSphere MQ, desde la versión 8.0.0.2 hasta la 8.0.0.8 y desde la versión 9.0.0.0 hasta la 9.0.0.3, podría permitir que los usuarios tengan más autoridad de la que deberían si un administrador MQ crea un nombre de grupo de usuarios no válido. IBM X-Force ID: 142888."}],"metrics":{"cvssMetricV30":[{"source":"psirt@us.ibm.com","type":"Secondary","cvssData":{"version":"3.0","vectorString":"CVSS:3.0/AV:N/AC:H/PR:L/UI:N/S:U/C:N/I:L/A:N","baseScore":3.1,"baseSeverity":"LOW","attackVector":"NETWORK","attackComplexity":"HIGH","privilegesRequired":"LOW","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"NONE","integrityImpact":"LOW","availabilityImpact":"NONE"},"exploitabilityScore":1.6,"impactScore":1.4},{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"3.0","vectorString":"CVSS:3.0/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H","baseScore":7.5,"baseSeverity":"HIGH","attackVector":"NETWORK","attackComplexity":"HIGH","privilegesRequired":"LOW","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"HIGH"},"exploitabilityScore":1.6,"impactScore":5.9}],"cvssMetricV2":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"2.0","vectorString":"AV:N/AC:M/Au:S/C:P/I:P/A:P","baseScore":6.0,"accessVector":"NETWORK","accessComplexity":"MEDIUM","authentication":"SINGLE","confidentialityImpact":"PARTIAL","integrityImpact":"PARTIAL","availabilityImpact":"PARTIAL"},"baseSeverity":"MEDIUM","exploitabilityScore":6.8,"impactScore":6.4,"acInsufInfo":false,"obtainAllPrivilege":false,"obtainUserPrivilege":false,"obtainOtherPrivilege":false,"userInteractionRequired":false}]},"weaknesses":[{"source":"nvd@nist.gov","type":"Primary","description":[{"lang":"en","value":"CWE-732"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:ibm:websphere_mq:*:*:*:*:*:*:*:*","versionStartIncluding":"8.0.0.2","versionEndIncluding":"8.0.0.8","matchCriteriaId":"474E0A70-DCA8-4E7E-9D9A-2E70FE16C512"},{"vulnerable":true,"criteria":"cpe:2.3:a:ibm:websphere_mq:*:*:*:*:*:*:*:*","versionStartIncluding":"9.0.0.0","versionEndIncluding":"9.0.0.3","matchCriteriaId":"3CF84198-FAC7-435E-99B2-5E698ACE9C5A"}]}]}],"references":[{"url":"http://www.securityfocus.com/bid/105040","source":"psirt@us.ibm.com","tags":["Third Party Advisory","VDB Entry"]},{"url":"https://exchange.xforce.ibmcloud.com/vulnerabilities/142888","source":"psirt@us.ibm.com","tags":["VDB Entry","Vendor Advisory"]},{"url":"https://www.ibm.com/support/docview.wss?uid=ibm10716113","source":"psirt@us.ibm.com","tags":["Vendor Advisory"]},{"url":"http://www.securityfocus.com/bid/105040","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Third Party Advisory","VDB Entry"]},{"url":"https://exchange.xforce.ibmcloud.com/vulnerabilities/142888","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["VDB Entry","Vendor Advisory"]},{"url":"https://www.ibm.com/support/docview.wss?uid=ibm10716113","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Vendor Advisory"]}]}}]}