IBM MQ Vulnerability Could Lead to Sensitive Information Disclosure
CVE-2024-35156
6.5MEDIUM
Summary
IBM MQ 9.3 LTS and 9.3 CD could allow a remote attacker to obtain sensitive information when a detailed technical error message is returned in the browser. This information could be used in further attacks against the system. IBM X-Force ID: 292766.
Affected Version(s)
MQ = 9.3 LTS and 9.3 CD
CVSS V3.1
Score:
6.5
Severity:
MEDIUM
Confidentiality:
HIGH
Integrity:
NONE
Availability:
NONE
Attack Complexity:
LOW
Privileges Required:
LOW
User Interaction:
NONE
Scope:
UNCHANGED
Timeline
Vulnerability published.
Vulnerability Reserved.
Collectors
NVD DatabaseMitre Database