Vulnerabilities > IBM > MQ > High

DATE CVE VULNERABILITY TITLE RISK
2024-06-28 CVE-2024-35116 Allocation of Resources Without Limits or Throttling vulnerability in IBM MQ
IBM MQ 9.0 LTS, 9.1 LTS, 9.2 LTS, 9.3 LTS, and 9.3 CD is vulnerable to a denial of service attack caused by an error applying configuration changes.
network
low complexity
ibm CWE-770
7.5
2024-06-28 CVE-2024-31912 Unspecified vulnerability in IBM MQ 9.3.0
IBM MQ 9.3 LTS and 9.3 CD could allow an authenticated user to escalate their privileges under certain configurations due to incorrect privilege assignment.
network
low complexity
ibm
8.8
2024-06-28 CVE-2024-31919 Unspecified vulnerability in IBM MQ
IBM MQ 9.0 LTS, 9.1 LTS, 9.2 LTS, 9.3 LTS and 9.3 CD, in certain configurations, is vulnerable to a denial of service attack caused by an error processing messages when an API Exit using MQBUFMH is used.
network
low complexity
ibm
7.5
2023-07-19 CVE-2023-28513 Unspecified vulnerability in IBM MQ and MQ Appliance
IBM MQ 9.0 LTS, 9.1 LTS, 9.2 LTS, 9.3 LTS, 9.2 CD, and 9.3 CD and IBM MQ Appliance 9.2 LTS, 9.3 LTS, 9.2 CD, and 9.2 LTS, under certain configurations, is vulnerable to a denial of service attack caused by an error processing messages.
network
low complexity
ibm
7.5
2022-02-17 CVE-2021-39034 Unspecified vulnerability in IBM MQ
IBM MQ 9.1 LTS is vulnerable to a denial of service attack caused by an issue within the channel process.
network
low complexity
ibm
7.5
2020-12-21 CVE-2020-4870 Unspecified vulnerability in IBM MQ 9.2.0
IBM MQ 9.2 CD and LTS are vulnerable to a denial of service attack caused by an error processing connecting applications.
network
low complexity
ibm
7.5
2020-06-16 CVE-2020-4310 Unspecified vulnerability in IBM MQ and Websphere MQ
IBM MQ and MQ Appliance 7.1, 7.5, 8.0, 9.0 LTS, 9.1 LTS, and 9.1 C are vulnerable to a denial of service attack due to an error within the Data Conversion logic.
network
low complexity
ibm
7.5
2020-04-16 CVE-2019-4762 Unspecified vulnerability in IBM MQ
IBM MQ 9.0 and 9.1 is vulnerable to a denial of service attack due to an error in the Channel processing function.
network
low complexity
ibm
7.5
2019-10-04 CVE-2019-4227 Session Fixation vulnerability in IBM MQ
IBM MQ 8.0.0.4 - 8.0.0.12, 9.0.0.0 - 9.0.0.6, 9.1.0.0 - 9.1.0.2, and 9.1.0 - 9.1.2 AMQP Listeners could allow an unauthorized user to conduct a session fixation attack due to clients not being disconnected as they should.
network
low complexity
ibm CWE-384
7.3
2019-04-19 CVE-2019-4055 Unspecified vulnerability in IBM MQ and MQ Appliance
IBM MQ 8.0.0.0 through 8.0.0.10, 9.0.0.0 through 9.0.0.5, and 9.1.0.0 through 9.1.1 is vulnerable to a denial of service attack within the TLS key renegotiation function.
network
low complexity
ibm
7.5