IBM MQ denial of service
CVE-2023-26285

5.9MEDIUM

Key Information:

Vendor: IBM
Status: MQ
Vendor: CVE Published:; 5 May 2023

Summary

IBM MQ versions 9.2 CD, 9.2 LTS, 9.3 CD, and 9.3 LTS are subject to a vulnerability that may allow a remote attacker to trigger a denial of service condition. This can occur when the system encounters errors while processing invalid data, potentially disrupting service availability and impacting operational continuity.

Affected Version(s)

MQ 9.2 CD, 9.2 LTS, 9.3 CD, 9.3 LTS

References

https://www.ibm.com/support/pages/node/6986563

vendor-advisory

https://exchange.xforce.ibmcloud.com/vulnerabilities/248418

vdb-entry

CVSS V3.1

Score:

5.9

Severity:

MEDIUM

Confidentiality:

None

Integrity:

None

Availability:

None

Attack Vector:

Network

Attack Complexity:

High

Privileges Required:

None

User Interaction:

None

Scope:

Unchanged

Timeline

Vulnerability published
May 5, 2023
Vulnerability Reserved
Feb 21, 2023