171 results (0.004 seconds)

CVSS: 6.2EPSS: 0%CPEs: 5EXPL: 0

IBM MQ Operator 2.0.0 LTS, 2.0.18 LTS, 3.0.0 CD, 3.0.1 CD, 2.4.0 through 2.4.7, 2.3.0 through 2.3.3, 2.2.0 through 2.2.2, and 2.3.0 through 2.3.3 stores or transmits user credentials in plain clear text which can be read by a local user using a trace command. IBM X-Force ID: 272638. • https://exchange.xforce.ibmcloud.com/vulnerabilities/272638 https://www.ibm.com/support/pages/node/7126571 • CWE-319: Cleartext Transmission of Sensitive Information •

CVSS: 5.9EPSS: 0%CPEs: 5EXPL: 0

IBM MQ Operator 2.0.0 LTS, 2.0.18 LTS, 3.0.0 CD, 3.0.1 CD, 2.4.0 through 2.4.7, 2.3.0 through 2.3.3, 2.2.0 through 2.2.2, and 2.3.0 through 2.3.3 uses weaker than expected cryptographic algorithms that could allow an attacker to decrypt highly sensitive information. IBM X-Force ID: 283905. • https://exchange.xforce.ibmcloud.com/vulnerabilities/283905 https://www.ibm.com/support/pages/node/7126571 • CWE-327: Use of a Broken or Risky Cryptographic Algorithm •

CVSS: 7.5EPSS: 0%CPEs: 2EXPL: 0

IBM MQ Appliance 9.3 LTS and 9.3 CD could allow a remote attacker to traverse directories on the system. An attacker could send a specially crafted URL request to view arbitrary files on the system. IBM X-Force ID: 269536. IBM MQ Appliance 9.3 LTS y 9.3 CD podrían permitir que un atacante remoto atraviese directorios del sistema. Un atacante podría enviar una solicitud URL especialmente manipulada para ver archivos arbitrarios en el sistema. • https://exchange.xforce.ibmcloud.com/vulnerabilities/269536 https://www.ibm.com/support/pages/node/7091235 • CWE-22: Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') •

CVSS: 7.8EPSS: 0%CPEs: 1EXPL: 0

IBM MQ Appliance 9.3 CD could allow a local attacker to gain elevated privileges on the system, caused by improper validation of security keys. IBM X-Force ID: 269535. IBM MQ Appliance 9.3 CD podría permitir a un atacante local obtener privilegios elevados en el sistema, causado por una validación inadecuada de las claves de seguridad. ID de IBM X-Force: 269535. • https://exchange.xforce.ibmcloud.com/vulnerabilities/269535 https://www.ibm.com/support/pages/node/7060769 • CWE-424: Improper Protection of Alternate Path •

CVSS: 7.5EPSS: 0%CPEs: 17EXPL: 0

IBM MQ 9.0 LTS, 9.1 LTS, 9.2 LTS, 9.3 LTS, 9.2 CD, and 9.3 CD and IBM MQ Appliance 9.2 LTS, 9.3 LTS, 9.2 CD, and 9.2 LTS, under certain configurations, is vulnerable to a denial of service attack caused by an error processing messages. IBM X-Force ID: 250397. • https://exchange.xforce.ibmcloud.com/vulnerabilities/250397 https://www.ibm.com/support/pages/node/7007421 https://www.ibm.com/support/pages/node/7007731 • CWE-20: Improper Input Validation •