Shodan
Vulnerabilities
Vulnerable Software
Ibm:  >> Mq  Security Vulnerabilities
CVE-2023-45177
IBM MQ 9.0 LTS, 9.1 LTS, 9.2 LTS, 9.3 LTS and 9.3 CD is vulnerable to a denial-of-service attack due to an error within the MQ clustering logic. IBM X-Force ID: 268066.
CVSS Score
5.3
EPSS Score
0.001
Published
2024-03-20
CVE-2024-25016
IBM MQ and IBM MQ Appliance 9.0, 9.1, 9.2, 9.3 LTS and 9.3 CD could allow a remote unauthenticated attacker to cause a denial of service due to incorrect buffering logic. IBM X-Force ID: 281279.
CVSS Score
7.5
EPSS Score
0.001
Published
2024-03-03
CVE-2023-28513
IBM MQ 9.0 LTS, 9.1 LTS, 9.2 LTS, 9.3 LTS, 9.2 CD, and 9.3 CD and IBM MQ Appliance 9.2 LTS, 9.3 LTS, 9.2 CD, and 9.2 LTS, under certain configurations, is vulnerable to a denial of service attack caused by an error processing messages. IBM X-Force ID: 250397.
CVSS Score
5.9
EPSS Score
0.001
Published
2023-07-19
CVE-2023-28950
IBM MQ 8.0, 9.0, 9.1, 9.2, and 9.3 could disclose sensitive user information from a trace file if that functionality has been enabled. IBM X-Force ID: 251358.
CVSS Score
5.1
EPSS Score
0.0
Published
2023-05-19
CVE-2023-28514
IBM MQ 8.0, 9.0, and 9.1 could allow a local user to obtain sensitive credential information when a detailed technical error message is returned in a stack trace. IBM X-Force ID: 250398.
CVSS Score
6.2
EPSS Score
0.0
Published
2023-05-19
CVE-2022-42436
IBM MQ 8.0.0, 9.0.0, 9.1.0, 9.2.0, 9.3.0 Managed File Transfer could allow a local user to obtain sensitive information from diagnostic files. IBM X-Force ID: 238206.
CVSS Score
4.0
EPSS Score
0.0
Published
2023-02-12
CVE-2022-31772
IBM MQ 8.0, 9.0 LTS, 9.1 CD, 9.1 LTS, 9.2 CD, and 9.2 LTS could allow an authenticated and authorized user to cause a denial of service to the MQTT channels. IBM X-Force ID: 228335.
CVSS Score
5.3
EPSS Score
0.0
Published
2022-11-11
CVE-2022-22489
IBM MQ 8.0, (9.0, 9.1, 9.2 LTS), and (9.1 and 9.2 CD) are vulnerable to an XML External Entity Injection (XXE) attack when processing XML data. A remote attacker could exploit this vulnerability to expose sensitive information or consume memory resources. IBM X-Force ID: 226339.
CVSS Score
8.2
EPSS Score
0.0
Published
2022-08-19
CVE-2021-38986
IBM MQ Appliance 9.2 CD and 9.2 LTS does not invalidate session after logout which could allow an authenticated user to impersonate another user on the system. IBM X-Force ID: 212942.
CVSS Score
5.6
EPSS Score
0.001
Published
2022-03-01
CVE-2022-22321
IBM MQ Appliance 9.2 CD and 9.2 LTS local messaging users stored with a password hash that provides insufficient protection. IBM X-Force ID: 218368.
CVSS Score
5.1
EPSS Score
0.0
Published
2022-03-01


Products
Pricing
Contact Us

Shodan ® - All rights reserved