The MQXR service in WMQ Telemetry in IBM WebSphere MQ 7.1 before 7.1.0.7, 7.5 through 7.5.0.5, and 8.0 before 8.0.0.4 uses world-readable permissions for a cleartext file containing the SSL keystore password, which allows local users to obtain sensitive information by reading this file.
References
History
No history.
MITRE Information
Status: PUBLISHED
Assigner: ibm
Published: 2016-02-08T16:00:00
Updated: 2016-12-02T20:57:01
Reserved: 2015-02-19T00:00:00
Link: CVE-2015-2012
JSON object: View
NVD Information
Status : Modified
Published: 2016-02-08T16:59:00.363
Modified: 2016-12-06T02:59:34.630
Link: CVE-2015-2012
JSON object: View
Redhat Information
No data.