mickmick.net

IBM MQ Denial of Service Vulnerability

Release Date: 7 Nov 2022

RISK: Medium Risk

TYPE: Servers - Network Management

A vulnerability has been identified in IBM MQ. A remote user can exploit this vulnerability to trigger denial of service condition on the targeted system.

 

 

 

 

 

---

Impact

• Denial of Service

---

System / Technologies affected

• IBM MQ 9.1 LTS
• IBM MQ 9.2 LTS
• IBM MQ 9.3 LTS
• IBM MQ 9.1 CD
• IBM MQ 9.2 CD
• IBM MQ 9.3 CD

---

Solutions

Before installation of the software, please visit the vendor web-site for more details.

 

Apply fixes issued by the vendor:

• https://www.ibm.com/support/pages/node/6836859

---

Vulnerability Identifier

• CVE-2022-24839

---

Source

• AusCERT
• IBM

---

Related Link

• https://www.auscert.org.au/bulletins/ESB-2022.5597
• https://www.ibm.com/support/pages/node/6836859