Mq@9.4 Security Vulnerabilities and Issues — Mq@9.4 CVE List

Lucene search

IbmMq9.4

11 matches found

CVE•added 2024/12/18 8:15 p.m.•66 views

CVE-2024-51470

IBM MQ 9.1 LTS, 9.2 LTS, 9.3 LTS, 9.3 CD, 9.4 LTS, 9.4 CD, IBM MQ Appliance 9.3 LTS, 9.3 CD, 9.4 LTS, and IBM MQ for HPE NonStop 8.1.0 through 8.1.0.25 could allow an authenticated user to cause a denial-of-service due to messages with improperly set values.

6.5CVSS6.3AI score0.00063EPSS

CVE•added 2024/12/19 6:15 p.m.•57 views

CVE-2024-52897

IBM MQ 9.2 LTS, 9.3 LTS, 9.3 CD, 9.4 LTS, and 9.4 CD web console could allow a remote attacker to obtain sensitive information when a detailed technical error message is returned.

6.2CVSS6.1AI score0.00024EPSS

CVE•added 2025/02/28 3:15 a.m.•57 views

CVE-2025-23225

IBM MQ 9.3 LTS, 9.3 CD, 9.4 LTS, and 9.4 CD could allow an authenticated user to cause a denial of service due to the improper handling of invalid headers sent to the queue.

6.5CVSS6.5AI score0.00096EPSS

CVE•added 2024/09/07 3:15 p.m.•53 views

CVE-2024-40681

IBM MQ 9.1 LTS, 9.2 LTS, 9.3 LTS, 9.3 CD, 9.4 LTS, and 9.4 CD could allow an authenticated user in a specifically defined role, to bypass security restrictions and execute actions against the queue manager.

7.5CVSS7.4AI score0.00101EPSS

CVE•added 2024/09/07 2:15 p.m.•52 views

CVE-2024-40680

IBM MQ 9.3 CD and 9.4 LTS/CD could allow a local user to cause a denial of service due to improper memory allocation causing a segmentation fault.

5.5CVSS5.2AI score0.00024EPSS

CVE•added 2025/02/28 5:15 p.m.•52 views

CVE-2025-0985

IBM MQ 9.3 LTS, 9.3 CD, 9.4 LTS, and 9.4 CD stores potentially sensitive information in environment variables that could be obtained by a local user.

6.5CVSS6.2AI score0.00031EPSS

CVE•added 2025/02/28 5:15 p.m.•50 views

CVE-2024-54175

IBM MQ 9.3 LTS, 9.3 CD, 9.4 LTS, and 9.4 CD could allow a local user to cause a denial of service due to an improper check for unusual or exceptional conditions.

5.5CVSS6.6AI score0.00024EPSS

CVE•added 2024/12/19 5:15 p.m.•48 views

CVE-2024-52896

IBM MQ 9.2 LTS, 9.3 LTS, 9.3 CD, 9.4 LTS, and 9.4 CD web console could allow a remote attacker to obtain sensitive information when a detailed technical error message is returned.

6.2CVSS6.1AI score0.00024EPSS

CVE•added 2025/02/28 3:15 a.m.•48 views

CVE-2024-54173

IBM MQ 9.3 LTS, 9.3 CD, 9.4 LTS, and 9.4 CD reveals potentially sensitive information in trace files that could be read by a local user when webconsole trace is enabled.

4.7CVSS4.8AI score0.00011EPSS

CVE•added 2025/02/28 3:15 a.m.•47 views

CVE-2025-0975

IBM MQ 9.3 LTS, 9.3 CD, 9.4 LTS, and 9.4 CD console could allow an authenticated user to execute code due to improper neutralization of escape characters.

8.8CVSS8.7AI score0.00148EPSS

CVE•added 2025/01/14 5:15 p.m.•46 views

CVE-2024-52898

IBM MQ 9.3 LTS, 9.3 CD, 9.4 LTS, and 9.4 CD web console could allow a local user to obtain sensitive information when a detailed technical error message is returned.

6.2CVSS6AI score0.00016EPSS