Vulnerabilities > IBM > MQ > Low
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2023-02-12 | CVE-2022-42436 | Unspecified vulnerability in IBM MQ IBM MQ 8.0.0, 9.0.0, 9.1.0, 9.2.0, 9.3.0 Managed File Transfer could allow a local user to obtain sensitive information from diagnostic files. | 3.3 |
| 2021-11-16 | CVE-2021-38949 | Cleartext Storage of Sensitive Information vulnerability in IBM MQ and Websphere MQ IBM MQ 7.5, 8.0, 9.0 LTS, 9.1 CD, and 9.1 LTS stores user credentials in plain clear text which can be read by a local user. | 2.1 |
| 2020-04-16 | CVE-2020-4338 | Information Exposure vulnerability in IBM MQ IBM MQ 9.1.4 could allow a local attacker to obtain sensitive information by inclusion of sensitive data within runmqras data. | 2.1 |
| 2020-03-16 | CVE-2019-4619 | Information Exposure Through an Error Message vulnerability in IBM MQ, MQ Appliance and Websphere MQ IBM MQ and IBM MQ Appliance 7.1, 7.5, 8.0, 9.0 LTS, 9.1 LTS, and 9.1 CD could allow a local attacker to obtain sensitive information by inclusion of sensitive data within trace. | 2.1 |
| 2020-03-16 | CVE-2019-4719 | Unspecified vulnerability in IBM MQ, MQ Appliance and Websphere MQ IBM MQ and IBM MQ Appliance 7.1, 7.5, 8.0, 9.0 LTS, 9.1 LTS, and 9.1 CD could allow a local attacker to obtain sensitive information by inclusion of sensitive data within runmqras data. | 2.1 |
| 2019-08-20 | CVE-2019-4049 | Resource Exhaustion vulnerability in IBM MQ IBM MQ 9.1.0.0, 9.1.0.1, 9.1.1, and 9.1.0.2 is vulnerable to a denial of service due to a local user being able to fill up the disk space of the underlying filesystem using the error logging service. | 2.1 |
| 2019-03-21 | CVE-2018-1836 | Cross-site Scripting vulnerability in IBM MQ IBM WebSphere MQ 9.0.2, 9.0.3, 9.0.4, 9.0.5, 9.1.0.0, and 9.1.0.1 console is vulnerable to cross-site scripting. | 3.5 |