mickmick.net

IBM MQ Denial of Service Vulnerability

Release Date: 7 Feb 2023

RISK: Medium Risk

TYPE: Servers - Network Management

A vulnerability has been identified in IBM MQ. A remote user can exploit this vulnerability to trigger denial of service condition on the targeted system.

---

Impact

• Denial of Service

---

System / Technologies affected

• IBM MQ 9.2 LTS
• IBM MQ 9.3 LTS
• IBM MQ 9.2 CD
• IBM MQ 9.3 CD

---

Solutions

Before installation of the software, please visit the vendor web-site for more details.

 

Apply fixes issued by the vendor:

• https://www.ibm.com/support/pages/node/6952185

---

Vulnerability Identifier

• CVE-2022-25857

---

Source

• AusCERT
• IBM

---

Related Link

• https://www.auscert.org.au/bulletins/ESB-2023.0664
• https://www.ibm.com/support/pages/node/6952185