Bypassing Password Requirement and Reading Private Keys in IBM MQ M2000 Appliances

Bypassing Password Requirement and Reading Private Keys in IBM MQ M2000 Appliances

CVE-2015-1985 · LOW Severity

AV:L/AC:M/AU:N/C:P/I:N/A:N

The queue manager on IBM MQ M2000 appliances before 8.0.0.4 allows local users to bypass an intended password requirement and read private keys by leveraging the existence of a stash file.

Learn more about our Cis Benchmark Audit For Ibm I.