IBM MQ Multiple Vulnerabilities
Release Date: 4 Mar 2024
RISK: Medium Risk
TYPE: Servers - Network Management
Multiple vulnerabilities were identified in IBM MQ. A remote attacker could exploit some of these vulnerabilities to trigger denial of service condition, sensitive information disclosure and remote code execution on the targeted system.
Impact
- Denial of Service
- Information Disclosure
- Remote Code Execution
System / Technologies affected
- IBM MQ 9.0 LTS
- IBM MQ 9.1 LTS
- IBM MQ 9.2 LTS
- IBM MQ 9.3 LTS
- IBM MQ 9.3 CD
Solutions
Before installation of the software, please visit the vendor web-site for more details.
Apply fixes issued by the vendor:
- https://www.ibm.com/support/pages/node/7123135
- https://www.ibm.com/support/pages/node/7123136
- https://www.ibm.com/support/pages/node/7123137
- https://www.ibm.com/support/pages/node/7123138
- https://www.ibm.com/support/pages/node/7123139
Vulnerability Identifier
Source
Related Link
- https://www.auscert.org.au/bulletins/ESB-2024.1326
- https://www.auscert.org.au/bulletins/ESB-2024.1327
- https://www.auscert.org.au/bulletins/ESB-2024.1328
- https://www.auscert.org.au/bulletins/ESB-2024.1329
- https://www.auscert.org.au/bulletins/ESB-2024.1331
- https://www.ibm.com/support/pages/node/7123135
- https://www.ibm.com/support/pages/node/7123136
- https://www.ibm.com/support/pages/node/7123137
- https://www.ibm.com/support/pages/node/7123138
- https://www.ibm.com/support/pages/node/7123139
沒有留言:
發佈留言