CVSS: 6.5EPSS: 0%CPEs: 4EXPL: 0CVE-2022-43919 – IBM MQ denial of service
https://notcve.org/view.php?id=CVE-2022-43919
IBM MQ 9.2 CD, 9.2 LTS, 9.3 CD, and 9.3 LTS could allow an authenticated attacker with authorization to craft messages to cause a denial of service. IBM X-Force ID: 241354. • https://exchange.xforce.ibmcloud.com/vulnerabilities/241354 https://www.ibm.com/support/pages/node/6986559 • CWE-20: Improper Input Validation •
CVSS: 7.5EPSS: 0%CPEs: 9EXPL: 0CVE-2022-43902 – IBM MQ denial of service
https://notcve.org/view.php?id=CVE-2022-43902
IBM MQ 9.2 CD, 9.2 LTS, 9.3 CD, and 9.3 LTS is vulnerable to a denial of service attack caused by specially crafted PCF or MQSC messages. IBM X-Force ID: 240832. • https://exchange.xforce.ibmcloud.com/vulnerabilities/240832 https://www.ibm.com/support/pages/node/6890643 •
CVSS: 6.5EPSS: 0%CPEs: 4EXPL: 0CVE-2022-40230
https://notcve.org/view.php?id=CVE-2022-40230
"IBM MQ Appliance 9.2 CD, 9.2 LTS, 9.3 CD, and LTS 9.3 does not invalidate session after logout which could allow an authenticated user to impersonate another user on the system. IBM X-Force ID: 235532." "IBM MQ Appliance 9.2 CD, 9.2 LTS, 9.3 CD y LTS 9.3 no invalidan la sesión después del cierre de sesión, lo que podría permitir a un usuario autenticado hacerse pasar por otro usuario en el sistema. ID de IBM X-Force: 235532". • https://www.ibm.com/support/pages/node/6622051 • CWE-613: Insufficient Session Expiration •
CVSS: 4.0EPSS: 0%CPEs: 9EXPL: 0CVE-2022-22326
https://notcve.org/view.php?id=CVE-2022-22326
IBM Datapower Gateway 10.0.2.0 through 10.0.4.0, 10.0.1.0 through 10.0.1.5, and 2018.4.1.0 through 2018.4.1.18 could allow unauthorized viewing of logs and files due to insufficient authorization checks. IBM X-Force ID: 218856. IBM Datapower Gateway versiones 10.0.2.0 hasta 10.0.4.0, 10.0.1.0 hasta 10.0.1.5 y 2018.4.1.0 hasta 2018.4.1.18, podría permitir la visualización no autorizada de registros y archivos debido a una insuficiencia de las comprobaciones de autorización. IBM X-Force ID: 218856 • https://exchange.xforce.ibmcloud.com/vulnerabilities/218856 https://www.ibm.com/support/pages/node/6560048 https://www.ibm.com/support/pages/node/6608598 • CWE-863: Incorrect Authorization •
CVSS: 6.5EPSS: 0%CPEs: 2EXPL: 0CVE-2022-22356
https://notcve.org/view.php?id=CVE-2022-22356
IBM MQ Appliance 9.2 CD and 9.2 LTS could allow an attacker to enumerate account credentials due to an observable discrepancy in valid and invalid login attempts. IBM X-Force ID: 220487. IBM MQ Appliance versiones 9.2 CD y 9.2 LTS, podría permitir a un atacante enumerar credenciales de cuentas debido a una discrepancia observable en los intentos de inicio de sesión válidos e inválidos. IBM X-Force ID: 220487 • https://exchange.xforce.ibmcloud.com/vulnerabilities/220487 https://www.ibm.com/support/pages/node/6564711 • CWE-203: Observable Discrepancy •