Vulnerabilities > IBM > MQ Appliance > 9.2.0.0

DATE CVE VULNERABILITY TITLE RISK
2023-07-19 CVE-2023-28513 Unspecified vulnerability in IBM MQ and MQ Appliance
IBM MQ 9.0 LTS, 9.1 LTS, 9.2 LTS, 9.3 LTS, 9.2 CD, and 9.3 CD and IBM MQ Appliance 9.2 LTS, 9.3 LTS, 9.2 CD, and 9.2 LTS, under certain configurations, is vulnerable to a denial of service attack caused by an error processing messages.
network
low complexity
ibm
7.5
7.5
2023-05-05 CVE-2023-26285 Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in IBM MQ Appliance
IBM MQ 9.2 CD, 9.2 LTS, 9.3 CD, and 9.3 LTS could allow a remote attacker to cause a denial of service due to an error processing invalid data.
network
low complexity
ibm CWE-119
7.5
7.5
2023-05-05 CVE-2022-43919 Improper Input Validation vulnerability in IBM MQ Appliance
IBM MQ 9.2 CD, 9.2 LTS, 9.3 CD, and 9.3 LTS could allow an authenticated attacker with authorization to craft messages to cause a denial of service.
network
low complexity
ibm CWE-20
6.5
6.5
2023-05-05 CVE-2023-22874 Resource Exhaustion vulnerability in IBM MQ Appliance
IBM MQ Clients 9.2 CD, 9.3 CD, and 9.3 LTS are vulnerable to a denial of service attack when processing configuration files.
local
low complexity
ibm CWE-400
5.5
5.5
2023-03-10 CVE-2022-43902 Unspecified vulnerability in IBM MQ Appliance
IBM MQ 9.2 CD, 9.2 LTS, 9.3 CD, and 9.3 LTS is vulnerable to a denial of service attack caused by specially crafted PCF or MQSC messages.
network
low complexity
ibm
7.5
7.5
2022-11-03 CVE-2022-40230 Insufficient Session Expiration vulnerability in IBM MQ Appliance 9.2.0.0/9.3.0.0
"IBM MQ Appliance 9.2 CD, 9.2 LTS, 9.3 CD, and LTS 9.3 does not invalidate session after logout which could allow an authenticated user to impersonate another user on the system.
network
low complexity
ibm CWE-613
6.5
6.5
2022-04-05 CVE-2022-22355 Unspecified vulnerability in IBM MQ Appliance 9.2.0.0
IBM MQ Appliance 9.2 CD and 9.2 LTS are vulnerable to a denial of service in the Login component of the application which could allow an attacker to cause a drop in performance.
network
low complexity
ibm
5.0
5.0
2022-04-05 CVE-2022-22356 Information Exposure Through Discrepancy vulnerability in IBM MQ Appliance 9.2.0.0
IBM MQ Appliance 9.2 CD and 9.2 LTS could allow an attacker to enumerate account credentials due to an observable discrepancy in valid and invalid login attempts.
network
low complexity
ibm CWE-203
4.0
4.0
2022-03-23 CVE-2022-22316 Unspecified vulnerability in IBM MQ Appliance
IBM MQ Appliance 9.2 CD and 9.2 LTS could allow an authenticated and authorized user to cause a denial of service due to incorrectly configured authorization checks.
network
low complexity
ibm
4.0
4.0
2021-11-30 CVE-2021-38958 Unspecified vulnerability in IBM MQ Appliance 9.2.0.0
IBM MQ Appliance 9.2 CD and 9.2 LTS is affected by a denial of service attack caused by a concurrency issue.
local
low complexity
ibm
2.1
2.1