IBM MQ Appliance has resolved a vulnerability that could allow unauthorized viewing of logs and files.
CVEID:CVE-2022-22326
**DESCRIPTION:**IBM MQ Appliance could allow unauthorized viewing of logs and files due to insufficient authorisation checks.
CVSS Base score: 4
CVSS Temporal Score: See: https://exchange.xforce.ibmcloud.com/vulnerabilities/218856 for the current score.
CVSS Vector: (CVSS:3.0/AV:L/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N)
Affected Product(s) | Version(s) |
---|---|
IBM MQ Appliance | 9.2 CD |
IBM MQ Appliance | 9.2 LTS |
This vulnerability is addressed under APAR IT39625.
IBM strongly recommends addressing the vulnerability now.
IBM MQ Appliance version 9.2 LTS
Apply fixpack 9.2.0.5, or later firmware.
IBM MQ Appliance version 9.2 CD
Upgrade to 9.2.5 CD, or later firmware.
None