Multiple vulnerabilities in IBM MQ



Risk Medium
Patch available YES
Number of vulnerabilities 5
CVE-ID CVE-2024-35155
CVE-2024-31919
CVE-2024-35156
CVE-2024-35116
CVE-2024-31912
CWE-ID CWE-211
CWE-388
CWE-264
Exploitation vector Network
Public exploit N/A
Vulnerable software
 IBM MQ
Server applications / Other server solutions

Vendor IBM Corporation

Security Bulletin

This security bulletin contains information about 5 vulnerabilities.

1) Information exposure through externally-generated error message

EUVDB-ID: #VU93445

Risk: Medium

CVSSv4.0: 2.7 [CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N/E:U/U:Green]

CVE-ID: CVE-2024-35155

CWE-ID: CWE-211 - Externally-generated error message containing sensitive information

Exploit availability: No

Description

The vulnerability allows a remote attacker to gain access to potentially sensitive information.

The vulnerability exists due to excessive data output by the IBM MQ Console while handling error conditions. A remote attacker can obtain sensitive information on the system.

Mitigation

Install updates from vendor's website.

Vulnerable software versions

IBM MQ: before 9.3.0.20

CPE2.3 External links

https://www.ibm.com/support/pages/node/7158059


Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

2) Improper error handling

EUVDB-ID: #VU93444

Risk: Medium

CVSSv4.0: 2.1 [CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:A/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Green]

CVE-ID: CVE-2024-31919

CWE-ID: CWE-388 - Error Handling

Exploit availability: No

Description

The vulnerability allows a remote attacker to perform a denial of service (DoS) attack.

The vulnerability exists due to an error caused by an error processing messages when an API Exit using MQBUFMH is used. A remote attacker can perform a denial of service (DoS) attack.

Mitigation

Install updates from vendor's website.

Vulnerable software versions

IBM MQ: before 9.0.0.25, 9.0.0.26, 9.1.0.22, 9.2.0.26, 9.3.0.20, 9.0.0.25, 9.0.0.25, 9.0.0.25

CPE2.3
External links

https://www.ibm.com/support/pages/node/7157979


Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

3) Information exposure through externally-generated error message

EUVDB-ID: #VU93443

Risk: Medium

CVSSv4.0: 2.7 [CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N/E:U/U:Green]

CVE-ID: CVE-2024-35156

CWE-ID: CWE-211 - Externally-generated error message containing sensitive information

Exploit availability: No

Description

The vulnerability allows a remote attacker to gain access to potentially sensitive information.

The vulnerability exists due to excessive data output by the application while handling error conditions. A remote attacker can obtain sensitive information on the system.

Mitigation

Install updates from vendor's website.

Vulnerable software versions

IBM MQ: before 9.3.0.20

CPE2.3
External links

https://www.ibm.com/support/pages/node/7158058


Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

4) Improper error handling

EUVDB-ID: #VU93442

Risk: Medium

CVSSv4.0: 4.6 [CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Green]

CVE-ID: CVE-2024-35116

CWE-ID: CWE-388 - Error Handling

Exploit availability: No

Description

The vulnerability allows a remote attacker to perform a denial of service (DoS) attack.

The vulnerability exists due to an error applying configuration changes. A remote attacker can send specially crafted requests to the application and perform a denial of service (DoS) attack.

Mitigation

Install updates from vendor's website.

Vulnerable software versions

IBM MQ: before 9.0.0.26, 9.1.0.22, 9.2.0.26, 9.3.0.20, 9.0.0.26, 9.0.0.26, 9.0.0.26

CPE2.3
External links

https://www.ibm.com/support/pages/node/7158071


Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

5) Permissions, Privileges, and Access Controls

EUVDB-ID: #VU93441

Risk: Medium

CVSSv4.0: 5.2 [CVSS:4.0/AV:N/AC:L/AT:P/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Green]

CVE-ID: CVE-2024-31912

CWE-ID: CWE-264 - Permissions, Privileges, and Access Controls

Exploit availability: No

Description

The vulnerability allows a remote user to escalate privileges on the system.

The vulnerability exists due to application does not properly impose security restrictions, which leads to security restrictions bypass and privilege escalation.

Mitigation

Install updates from vendor's website.

Vulnerable software versions

IBM MQ: before 9.3.0.20

CPE2.3
External links

https://www.ibm.com/support/pages/node/7158072


Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote authenticated user via the Internet.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.



###SIDEBAR###