CVSS: 7.5EPSS: 0%CPEs: 17EXPL: 0CVE-2023-28513 – IBM MQ denial of service
https://notcve.org/view.php?id=CVE-2023-28513
IBM MQ 9.0 LTS, 9.1 LTS, 9.2 LTS, 9.3 LTS, 9.2 CD, and 9.3 CD and IBM MQ Appliance 9.2 LTS, 9.3 LTS, 9.2 CD, and 9.2 LTS, under certain configurations, is vulnerable to a denial of service attack caused by an error processing messages. IBM X-Force ID: 250397. • https://exchange.xforce.ibmcloud.com/vulnerabilities/250397 https://www.ibm.com/support/pages/node/7007421 https://www.ibm.com/support/pages/node/7007731 • CWE-20: Improper Input Validation •
CVSS: 5.5EPSS: 0%CPEs: 13EXPL: 0CVE-2023-28950 – IBM MQ information disclosure
https://notcve.org/view.php?id=CVE-2023-28950
IBM MQ 8.0, 9.0, 9.1, 9.2, and 9.3 could disclose sensitive user information from a trace file if that functionality has been enabled. IBM X-Force ID: 251358. • https://exchange.xforce.ibmcloud.com/vulnerabilities/251358 https://https://www.ibm.com/support/pages/node/6985837 •
CVSS: 4.0EPSS: 0%CPEs: 14EXPL: 0CVE-2022-42436 – IBM MQ information disclosure
https://notcve.org/view.php?id=CVE-2022-42436
IBM MQ 8.0.0, 9.0.0, 9.1.0, 9.2.0, 9.3.0 Managed File Transfer could allow a local user to obtain sensitive information from diagnostic files. IBM X-Force ID: 238206. • https://exchange.xforce.ibmcloud.com/vulnerabilities/238206 https://www.ibm.com/support/pages/node/6909467 •
CVSS: 6.5EPSS: 0%CPEs: 4EXPL: 0CVE-2022-40230
https://notcve.org/view.php?id=CVE-2022-40230
"IBM MQ Appliance 9.2 CD, 9.2 LTS, 9.3 CD, and LTS 9.3 does not invalidate session after logout which could allow an authenticated user to impersonate another user on the system. IBM X-Force ID: 235532." "IBM MQ Appliance 9.2 CD, 9.2 LTS, 9.3 CD y LTS 9.3 no invalidan la sesión después del cierre de sesión, lo que podría permitir a un usuario autenticado hacerse pasar por otro usuario en el sistema. ID de IBM X-Force: 235532". • https://www.ibm.com/support/pages/node/6622051 • CWE-613: Insufficient Session Expiration •
CVSS: 6.5EPSS: 0%CPEs: 2EXPL: 0CVE-2022-22356
https://notcve.org/view.php?id=CVE-2022-22356
IBM MQ Appliance 9.2 CD and 9.2 LTS could allow an attacker to enumerate account credentials due to an observable discrepancy in valid and invalid login attempts. IBM X-Force ID: 220487. IBM MQ Appliance versiones 9.2 CD y 9.2 LTS, podría permitir a un atacante enumerar credenciales de cuentas debido a una discrepancia observable en los intentos de inicio de sesión válidos e inválidos. IBM X-Force ID: 220487 • https://exchange.xforce.ibmcloud.com/vulnerabilities/220487 https://www.ibm.com/support/pages/node/6564711 • CWE-203: Observable Discrepancy •