|Date: (C)2011-10-30 (M)2017-08-18|
|CVSS Score: 1.7||Access Vector: LOCAL|
|Exploitability Subscore: 3.1||Access Complexity: LOW|
|Impact Subscore: 2.9||Authentication: SINGLE_INSTANCE|
| ||Confidentiality: NONE|
| ||Integrity: PARTIAL|
| ||Availability: NONE|
IBM WebSphere MQ 6.0 before 220.127.116.11 and 7.0 before 18.104.22.168 does not properly handle long group names, which might allow local users to gain privileges by leveraging combinations of group names with the same initial substring.