Vulnerabilities > IBM > MQ Appliance > Medium

DATE CVE VULNERABILITY TITLE RISK
2023-05-05 CVE-2022-43919 Unspecified vulnerability in IBM MQ Appliance
IBM MQ 9.2 CD, 9.2 LTS, 9.3 CD, and 9.3 LTS could allow an authenticated attacker with authorization to craft messages to cause a denial of service.
network
low complexity
ibm
6.5
2023-05-05 CVE-2023-22874 Resource Exhaustion vulnerability in IBM MQ Appliance
IBM MQ Clients 9.2 CD, 9.3 CD, and 9.3 LTS are vulnerable to a denial of service attack when processing configuration files.
local
low complexity
ibm CWE-400
5.5
2022-11-03 CVE-2022-40230 Insufficient Session Expiration vulnerability in IBM MQ Appliance 9.2.0.0/9.3.0.0
"IBM MQ Appliance 9.2 CD, 9.2 LTS, 9.3 CD, and LTS 9.3 does not invalidate session after logout which could allow an authenticated user to impersonate another user on the system.
network
low complexity
ibm CWE-613
6.5
2022-04-05 CVE-2022-22355 Unspecified vulnerability in IBM MQ Appliance 9.2.0.0
IBM MQ Appliance 9.2 CD and 9.2 LTS are vulnerable to a denial of service in the Login component of the application which could allow an attacker to cause a drop in performance.
network
low complexity
ibm
5.3
2022-04-05 CVE-2022-22356 Information Exposure Through Discrepancy vulnerability in IBM MQ Appliance 9.2.0.0
IBM MQ Appliance 9.2 CD and 9.2 LTS could allow an attacker to enumerate account credentials due to an observable discrepancy in valid and invalid login attempts.
network
low complexity
ibm CWE-203
6.5
2022-03-23 CVE-2022-22316 Unspecified vulnerability in IBM MQ Appliance
IBM MQ Appliance 9.2 CD and 9.2 LTS could allow an authenticated and authorized user to cause a denial of service due to incorrectly configured authorization checks.
network
low complexity
ibm
6.5
2021-11-30 CVE-2021-38958 Unspecified vulnerability in IBM MQ Appliance 9.2.0.0
IBM MQ Appliance 9.2 CD and 9.2 LTS is affected by a denial of service attack caused by a concurrency issue.
local
low complexity
ibm
5.5
2021-11-30 CVE-2021-38967 Code Injection vulnerability in IBM MQ Appliance 9.2.0.0
IBM MQ Appliance 9.2 CD and 9.2 LTS could allow a local privileged user to inject and execute malicious code.
local
low complexity
ibm CWE-94
6.7
2021-11-30 CVE-2021-38999 Information Exposure vulnerability in IBM MQ Appliance 9.2.0.0
IBM MQ Appliance could allow a local attacker to obtain sensitive information by inclusion of sensitive data within trace.
local
low complexity
ibm CWE-200
5.5
2021-11-30 CVE-2021-39000 Information Exposure vulnerability in IBM MQ Appliance 9.2.0.0
IBM MQ Appliance 9.2 CD and 9.2 LTS could allow a local attacker to obtain sensitive information by inclusion of sensitive data within diagnostics.
local
low complexity
ibm CWE-200
5.5