Remote Code Execution (RCE)

2022-02-1407:24:02

Veracode Vulnerability Database

sca.analysiscenter.veracode.com

0.01 Low

EPSS

Percentile

83.4%

JSON

IBM MQ is vulnerable to remote code execution. The vulnerability exists due to an insecure deserialization of trusted data allowing an attacker to execute maliciously crafted script on the system.

CPENameOperatorVersion
ibm mqeq9.2.0.0
ibm mqle9.1.0.6
ibm mqle9.0.5.0
github.com/ibm-messaging/mq-containerle9.2.0
ibm mqeq9.2.0.0
ibm mqle9.1.0.6
ibm mqle9.0.5.0
ibm mqeq9.2.0.0
ibm mqle9.1.0.6
ibm mqle9.0.5.0

Name	Operator	Version
ibm mq	eq	9.2.0.0
ibm mq	le	9.1.0.6
ibm mq	le	9.0.5.0
github.com/ibm-messaging/mq-container	le	9.2.0
ibm mq	eq	9.2.0.0
ibm mq	le	9.1.0.6
ibm mq	le	9.0.5.0
ibm mq	eq	9.2.0.0
ibm mq	le	9.1.0.6
ibm mq	le	9.0.5.0