Information Disclosure in IBM MQ for HPE NonStop 8.1.0
CVE-2022-22325

5.1MEDIUM

Key Information:

Vendor: IBM
Status: MQ For HP Nonstop
Vendor: CVE Published:; 13 May 2022

Summary

IBM MQ for HPE NonStop 8.1.0 is susceptible to a vulnerability that may allow a local user to gain access to sensitive information through a disclosed stack trace. This situation arises under specific conditions and can pose risks to data confidentiality. Proper measures and security practices should be implemented to mitigate potential exposure.

Affected Version(s)

MQ for HPE NonStop 8.1.0

References

https://www.ibm.com/support/pages/node/6585780

x_refsource_CONFIRM

https://exchange.xforce.ibmcloud.com/vulnerabilities/218853

vdb-entryx_refsource_XF

CVSS V3.1

Score:

5.1

Severity:

MEDIUM

Confidentiality:

High

Integrity:

None

Availability:

High

Attack Vector:

Local

Attack Complexity:

High

Privileges Required:

None

User Interaction:

None

Scope:

Unchanged

Timeline

Vulnerability published
May 13, 2022
Vulnerability Reserved
Jan 3, 2022