Lucene search

Veracode Vulnerability DatabaseVERACODE:46934

HistoryMay 15, 2024 - 9:41 a.m.

Heap-based Buffer Overflow

2024-05-1509:41:14

Veracode Vulnerability Database

sca.analysiscenter.veracode.com

ibm mq

buffer overflow

vulnerability

bounds checking

remote attacker

arbitrary code

server crash

security issue

7.5 High

CVSS3

Attack Vector

NETWORK

Attack Complexity

HIGH

Privileges Required

LOW

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H

8 High

AI Score

Confidence

Low

0.0004 Low

EPSS

Percentile

9.2%

JSON

IBM MQ Appliance 9.3 CD and LTS are vulnerable to a Heap-based Buffer Overflow. The vulnerability is due to improper bounds checking, allowing a remote authenticated attacker to overflow a buffer and execute arbitrary code on the system or cause the server to crash.

CPENameOperatorVersion
ibm mqle9.1.0.18
ibm mqle9.0.5.0
ibm mqle9.2.0.22
ibm mqle9.3.0.16
ibm mqle9.1.0.18
ibm mqle9.3.0.16
ibm mqle9.2.0.22
ibm mqle9.0.5.0
github.com/ibm-messaging/mq-containerle9.3.3.2-r2
ibm mqle9.1.0.18

Name	Operator	Version
ibm mq	le	9.1.0.18
ibm mq	le	9.0.5.0
ibm mq	le	9.2.0.22
ibm mq	le	9.3.0.16
ibm mq	le	9.1.0.18
ibm mq	le	9.3.0.16
ibm mq	le	9.2.0.22
ibm mq	le	9.0.5.0
github.com/ibm-messaging/mq-container	le	9.3.3.2-r2
ibm mq	le	9.1.0.18

Rows per page:

1-10 of 181

References

exchange.xforce.ibmcloud.com/vulnerabilities/283137

www.ibm.com/support/pages/node/7149582

7.5 High

CVSS3

Attack Vector

NETWORK

Attack Complexity

HIGH

Privileges Required

LOW

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H

8 High

AI Score

Confidence

Low

0.0004 Low

EPSS

Percentile

9.2%

JSON

Related for VERACODE:46934