Vulnerabilities > IBM > MQ Appliance > Medium
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2023-05-05 | CVE-2022-43919 | Improper Input Validation vulnerability in IBM MQ Appliance IBM MQ 9.2 CD, 9.2 LTS, 9.3 CD, and 9.3 LTS could allow an authenticated attacker with authorization to craft messages to cause a denial of service. | 6.5 |
| 2023-05-05 | CVE-2023-22874 | Resource Exhaustion vulnerability in IBM MQ Appliance IBM MQ Clients 9.2 CD, 9.3 CD, and 9.3 LTS are vulnerable to a denial of service attack when processing configuration files. | 5.5 |
| 2022-11-03 | CVE-2022-40230 | Insufficient Session Expiration vulnerability in IBM MQ Appliance 9.2.0.0/9.3.0.0 "IBM MQ Appliance 9.2 CD, 9.2 LTS, 9.3 CD, and LTS 9.3 does not invalidate session after logout which could allow an authenticated user to impersonate another user on the system. | 6.5 |
| 2022-04-05 | CVE-2022-22355 | Unspecified vulnerability in IBM MQ Appliance 9.2.0.0 IBM MQ Appliance 9.2 CD and 9.2 LTS are vulnerable to a denial of service in the Login component of the application which could allow an attacker to cause a drop in performance. | 5.0 |
| 2022-04-05 | CVE-2022-22356 | Information Exposure Through Discrepancy vulnerability in IBM MQ Appliance 9.2.0.0 IBM MQ Appliance 9.2 CD and 9.2 LTS could allow an attacker to enumerate account credentials due to an observable discrepancy in valid and invalid login attempts. | 4.0 |
| 2022-03-23 | CVE-2022-22316 | Unspecified vulnerability in IBM MQ Appliance IBM MQ Appliance 9.2 CD and 9.2 LTS could allow an authenticated and authorized user to cause a denial of service due to incorrectly configured authorization checks. | 4.0 |
| 2021-11-30 | CVE-2021-38967 | Code Injection vulnerability in IBM MQ Appliance 9.2.0.0 IBM MQ Appliance 9.2 CD and 9.2 LTS could allow a local privileged user to inject and execute malicious code. | 4.6 |
| 2021-11-08 | CVE-2021-29843 | Unspecified vulnerability in IBM MQ Appliance IBM MQ 9.1 LTS, 9.1 CD, 9.2 LTS, and 9.2CD is vulnerable to a denial of service attack caused by an issue processing message properties. | 4.0 |
| 2021-07-12 | CVE-2020-4938 | Cross-Site Request Forgery (CSRF) vulnerability in IBM MQ Appliance IBM MQ Appliance 9.1 and 9.2 is vulnerable to cross-site request forgery which could allow an attacker to execute malicious and unauthorized actions transmitted from a user that the website trusts. | 6.8 |
| 2021-01-11 | CVE-2020-4869 | Classic Buffer Overflow vulnerability in IBM MQ Appliance 9.2.0.0 IBM MQ Appliance 9.2 CD and 9.2 LTS is vulnerable to a denial of service, caused by a buffer overflow. | 4.0 |