Vulnerabilities > IBM > MQ Appliance
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2022-04-05 | CVE-2022-22356 | Information Exposure Through Discrepancy vulnerability in IBM MQ Appliance 9.2.0.0 IBM MQ Appliance 9.2 CD and 9.2 LTS could allow an attacker to enumerate account credentials due to an observable discrepancy in valid and invalid login attempts. | 6.5 |
| 2022-03-23 | CVE-2022-22316 | Unspecified vulnerability in IBM MQ Appliance IBM MQ Appliance 9.2 CD and 9.2 LTS could allow an authenticated and authorized user to cause a denial of service due to incorrectly configured authorization checks. | 6.5 |
| 2021-11-30 | CVE-2021-38958 | Unspecified vulnerability in IBM MQ Appliance 9.2.0.0 IBM MQ Appliance 9.2 CD and 9.2 LTS is affected by a denial of service attack caused by a concurrency issue. | 5.5 |
| 2021-11-30 | CVE-2021-38967 | Code Injection vulnerability in IBM MQ Appliance 9.2.0.0 IBM MQ Appliance 9.2 CD and 9.2 LTS could allow a local privileged user to inject and execute malicious code. | 6.7 |
| 2021-11-30 | CVE-2021-38999 | Information Exposure vulnerability in IBM MQ Appliance 9.2.0.0 IBM MQ Appliance could allow a local attacker to obtain sensitive information by inclusion of sensitive data within trace. | 5.5 |
| 2021-11-30 | CVE-2021-39000 | Information Exposure vulnerability in IBM MQ Appliance 9.2.0.0 IBM MQ Appliance 9.2 CD and 9.2 LTS could allow a local attacker to obtain sensitive information by inclusion of sensitive data within diagnostics. | 5.5 |
| 2021-11-08 | CVE-2021-29843 | Unspecified vulnerability in IBM MQ Appliance IBM MQ 9.1 LTS, 9.1 CD, 9.2 LTS, and 9.2CD is vulnerable to a denial of service attack caused by an issue processing message properties. | 6.5 |
| 2021-07-12 | CVE-2020-4938 | Cross-Site Request Forgery (CSRF) vulnerability in IBM MQ Appliance IBM MQ Appliance 9.1 and 9.2 is vulnerable to cross-site request forgery which could allow an attacker to execute malicious and unauthorized actions transmitted from a user that the website trusts. | 8.8 |
| 2021-01-28 | CVE-2020-4682 | Deserialization of Untrusted Data vulnerability in IBM MQ, MQ Appliance and Websphere MQ IBM MQ 7.5, 8.0, 9.0, 9.1, 9.2 LTS, and 9.2 CD could allow a remote attacker to execute arbitrary code on the system, caused by an unsafe deserialization of trusted data. | 9.8 |
| 2021-01-11 | CVE-2020-4869 | Classic Buffer Overflow vulnerability in IBM MQ Appliance 9.2.0.0 IBM MQ Appliance 9.2 CD and 9.2 LTS is vulnerable to a denial of service, caused by a buffer overflow. | 6.5 |