Deserialization of untrusted data

2021-01-2813:15:00

PRIOn knowledge base

www.prio-n.com

9.4 High

AI Score

Confidence

High

0.01 Low

EPSS

Percentile

83.4%

JSON

IBM MQ 7.5, 8.0, 9.0, 9.1, 9.2 LTS, and 9.2 CD could allow a remote attacker to execute arbitrary code on the system, caused by an unsafe deserialization of trusted data. An attacker could exploit this vulnerability to execute arbitrary code on the system. IBM X-Force ID: 186509.

CPENameOperatorVersion
mqeq9.1.0.0
mqeq9.1.0.6
mqeq9.1.0.5
mqeq9.1.0.4
mqeq9.1.0.3
mqeq9.1.0.2
mqeq9.1.0.1
mqeq9.0.0.10
mqeq9.0.0.9
mqeq9.0.0.8

Name	Operator	Version
mq	eq	9.1.0.0
mq	eq	9.1.0.6
mq	eq	9.1.0.5
mq	eq	9.1.0.4
mq	eq	9.1.0.3
mq	eq	9.1.0.2
mq	eq	9.1.0.1
mq	eq	9.0.0.10
mq	eq	9.0.0.9
mq	eq	9.0.0.8

Rows per page:

1-10 of 471

References

exchange.xforce.ibmcloud.com/vulnerabilities/186509

www.ibm.com/support/pages/node/6408626