Lucene search
IBM38B2CD8C8717C6594265D5C2FCD7DE4E3D9CD5815119622B625C72FEFE93059CHistoryNov 29, 2021 - 1:15 p.m.
Security Bulletin: IBM MQ Appliance is affected by a disclosure of sensitive information vulnerability (CVE-2021-39000)
2021-11-2913:15:49
www.ibm.com
10
ibm mq
appliance
vulnerability
disclosure
apar it38979
sensiive information
cve-2021-39000
fixpack 9.2.0.4
9.2.4 cd
EPSS
0
Percentile
5.1%
Summary
IBM MQ Appliance has resolved a disclosure of sensitive information vulnerability.
Vulnerability Details
CVEID:CVE-2021-39000
**DESCRIPTION:**IBM MQ could allow a local attacker to obtain sensitive information by inclusion of sensitive data within diagnostics.
CVSS Base score: 5.9
CVSS Temporal Score: See: https://exchange.xforce.ibmcloud.com/vulnerabilities/213215 for the current score.
CVSS Vector: (CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N)
Affected Products and Versions
| Affected Product(s) | Version(s) |
|---|---|
| IBM MQ Appliance | 9.2 CD |
| IBM MQ Appliance | 9.2 LTS |
Remediation/Fixes
This vulnerability is addressed under APAR IT38979.
IBM MQ Appliance version 9.2 LTS
Apply fixpack 9.2.0.4, or later firmware.
IBM MQ Appliance version 9.2 CD
Upgrade to 9.2.4 CD, or later firmware.
Workarounds and Mitigations
None
Related
cnvd
cnvd
IBM MQ Information Disclosure Vulnerability (CNVD-2021-92960)
2021-12-01 00:00:00
cve
cve
CVE-2021-39000
2021-11-30 17:15:11
prion
prion
Information disclosure
2021-11-30 17:15:00
cvelist
cvelist
CVE-2021-39000
2021-11-30 16:45:19
nvd
nvd
CVE-2021-39000
2021-11-30 17:15:11