Vulnerability in Ibm Websphere_message_broker
CVE-2012-3317
IBM WebSphere Message Broker 6.1 before 6.1.0.11, 7.0 before 7.0.0.5, and 8.0 before 8.0.0.2 has incorrect ownership of certain uninstaller Java Runtime Environment (JRE) files, which might allow local users to gain privileges by leveragin…
EPSS: 0.002 (37.4th percentile) — read the EPSS interpretation.
Affected products
- Ibm Websphere_message_broker — versions 6.1, 6.1.0.1, 6.1.0.2
- N/a — versions n/a
Weakness classification (CWE)
References
- wmb-uninstallerjvm-privilege-escalation(77818) (vdb-entry, x_refsource_XF)
- IC85477 (vendor-advisory, x_refsource_AIXAPAR)
- psirt@us.ibm.com (x_refsource_CONFIRM, Vendor Advisory)