IBM MQ Appliance has resolved a disclosure of sensitive information vulnerability.
CVEID:CVE-2021-39000
**DESCRIPTION:**IBM MQ could allow a local attacker to obtain sensitive information by inclusion of sensitive data within diagnostics.
CVSS Base score: 5.9
CVSS Temporal Score: See: https://exchange.xforce.ibmcloud.com/vulnerabilities/213215 for the current score.
CVSS Vector: (CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N)
Affected Product(s) | Version(s) |
---|---|
IBM MQ Appliance | 9.2 CD |
IBM MQ Appliance | 9.2 LTS |
This vulnerability is addressed under APAR IT38979.
IBM MQ Appliance version 9.2 LTS
Apply fixpack 9.2.0.4, or later firmware.
IBM MQ Appliance version 9.2 CD
Upgrade to 9.2.4 CD, or later firmware.
None