Lucene search
IbmCVELIST:CVE-2023-28950HistoryMay 19, 2023 - 3:20 p.m.
CVE-2023-28950 IBM MQ information disclosure
2023-05-1915:20:50
ibm
www.cve.org
8
ibm mq
information disclosure
vulnerability
trace file
user information
ibm x-force id
CVSS3
5.1
Attack Vector
LOCAL
Attack Complexity
HIGH
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
NONE
Availability Impact
NONE
CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N
AI Score
5.3
Confidence
High
EPSS
0
Percentile
9.0%
IBM MQ 8.0, 9.0, 9.1, 9.2, and 9.3 could disclose sensitive user information from a trace file if that functionality has been enabled. IBM X-Force ID: 251358.
CNA Affected
[
{
"defaultStatus": "unaffected",
"product": "MQ",
"vendor": "IBM",
"versions": [
{
"status": "affected",
"version": "8.0, 9.0 LTS, 9.1 LTS, 9.2 LTS, 9.2 CD, 9.3 LTS, 9.3 CD"
}
]
}
]Related
nvd
nvd
CVE-2023-28950
2023-05-19 16:15:14
prion
prion
Design/Logic Flaw
2023-05-19 16:15:00
ibm
ibm
nessus
nessus
IBM MQ Information Disclosure (6985837)
2023-05-12 00:00:00
veracode
veracode
Information Disclosure
2023-05-26 10:22:41
cve
cve
CVE-2023-28950
2023-05-19 16:15:14
CVSS3
5.1
Attack Vector
LOCAL
Attack Complexity
HIGH
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
NONE
Availability Impact
NONE
CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N
AI Score
5.3
Confidence
High
EPSS
0
Percentile
9.0%
Related for CVELIST:CVE-2023-28950