CVE-2014-4822

IBM WebSphere MQ classes for Java libraries 8.0 before 8.0.0.1 and Websphere MQ Explorer 7.5 before 7.5.0.5 and 8.0 before 8.0.0.2 allow local users to discover preconfigured cleartext passwords via an unspecified trace operation.

Published: Oct 19, 2014
Updated: Apr 13, 2023
CVE: CVE-2014-4822
Severity: Low
Exploit:

CVSS v2:

Severity: Low
Score: 1.9
AV:L/AC:M/Au:N/C:P/I:N/A:N

CWEs:

CWE-255

Affected Software
References

Software	From	Fixed in
ibm / websphere_mq_explorer	7.5.0.4	7.5.0.4.x
ibm / websphere_mq_explorer	8.0.0.1	8.0.0.1.x
ibm / websphere_mq_explorer	8.0.0.0	8.0.0.0.x
ibm / websphere_mq	8.0.0.0	8.0.0.0.x
ibm / websphere_mq_explorer	7.5.0.2	7.5.0.2.x
ibm / websphere_mq_explorer	7.5.0.1	7.5.0.1.x
ibm / websphere_mq_explorer	7.5.0.0	7.5.0.0.x
ibm / websphere_mq_explorer	7.5.0.3	7.5.0.3.x

http://secunia.com/advisories/59921
http://www-01.ibm.com/support/docview.wss?uid=swg1IT04023
http://www-01.ibm.com/support/docview.wss?uid=swg21686339
https://exchange.xforce.ibmcloud.com/vulnerabilities/95467

Vulnerability Database

289,871

CVE-2014-4822