Lucene search
IBMD827436A69D2666B4B627049386C758B0B78984F886C4EEBB8A72951C9387366HistoryFeb 28, 2022 - 3:10 p.m.
Security Bulletin: IBM MQ Appliance could allow unauthorized viewing of logs and files (CVE-2022-22326)
2022-02-2815:10:26
www.ibm.com
22
ibm mq
appliance
unauthorized viewing
vulnerability
cve-2022-22326
logs
files
insufficient authorization
fix
upgrade
EPSS
0.001
Percentile
17.2%
Summary
IBM MQ Appliance has resolved a vulnerability that could allow unauthorized viewing of logs and files.
Vulnerability Details
CVEID:CVE-2022-22326
**DESCRIPTION:**IBM MQ Appliance could allow unauthorized viewing of logs and files due to insufficient authorisation checks.
CVSS Base score: 4
CVSS Temporal Score: See: https://exchange.xforce.ibmcloud.com/vulnerabilities/218856 for the current score.
CVSS Vector: (CVSS:3.0/AV:L/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N)
Affected Products and Versions
| Affected Product(s) | Version(s) |
|---|---|
| IBM MQ Appliance | 9.2 CD |
| IBM MQ Appliance | 9.2 LTS |
Remediation/Fixes
This vulnerability is addressed under APAR IT39625.
IBM strongly recommends addressing the vulnerability now.
IBM MQ Appliance version 9.2 LTS
Apply fixpack 9.2.0.5, or later firmware.
IBM MQ Appliance version 9.2 CD
Upgrade to 9.2.5 CD, or later firmware.
Workarounds and Mitigations
None
Related
cve
cve
CVE-2022-22326
2022-08-01 11:15:13
prion
prion
Authorization
2022-08-01 11:15:00
ibm
ibm
cvelist
cvelist
CVE-2022-22326
2022-07-31 16:05:25
nvd
nvd
CVE-2022-22326
2022-08-01 11:15:13
EPSS
0.001
Percentile
17.2%
Related for D827436A69D2666B4B627049386C758B0B78984F886C4EEBB8A72951C9387366