Lucene search

IbmCVELIST:CVE-2023-22874

HistoryMay 05, 2023 - 2:57 p.m.

CVE-2023-22874 IBM MQ denial of service

2023-05-0514:57:23

ibm

www.cve.org

ibm

denial of service

vulnerability

clients

configuration files

CVSS3

5.5

Attack Vector

LOCAL

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

REQUIRED

Scope

UNCHANGED

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

HIGH

CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H

AI Score

5.5

Confidence

High

EPSS

0.001

Percentile

17.8%

JSON

IBM MQ Clients 9.2 CD, 9.3 CD, and 9.3 LTS are vulnerable to a denial of service attack when processing configuration files. IBM X-Force ID: 244216.

CNA Affected

[
  {
    "defaultStatus": "unaffected",
    "product": "MQ",
    "vendor": "IBM",
    "versions": [
      {
        "status": "affected",
        "version": "9.2 CD, 9.3 CD, and 9.3 LTS"
      }
    ]
  }
]

References

exchange.xforce.ibmcloud.com/vulnerabilities/244216

www.ibm.com/support/pages/node/6985901

CVSS3

5.5

Attack Vector

LOCAL

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

REQUIRED

Scope

UNCHANGED

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

HIGH

CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H

AI Score

5.5

Confidence

High

EPSS

0.001

Percentile

17.8%

JSON

Related for CVELIST:CVE-2023-22874