Multiple vulnerabilities in IBM MQ Operator
| Risk | Medium |
| Patch available | YES |
| Number of vulnerabilities | 7 |
| CVE-ID | CVE-2023-6004 CVE-2023-6918 CVE-2024-22365 CVE-2024-26458 CVE-2023-7008 CVE-2024-3651 CVE-2024-27256 |
| CWE-ID | CWE-78 CWE-252 CWE-400 CWE-401 CWE-345 CWE-327 |
| Exploitation vector | Network |
| Public exploit | N/A |
| Vulnerable software Subscribe |
IBM MQ Operator Server applications / Other server solutions |
| Vendor | IBM Corporation |
Security Bulletin
This security bulletin contains information about 7 vulnerabilities.
1) OS Command Injection
EUVDB-ID: #VU84538
Risk: Medium
CVSSv3.1: 6.5 [CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C]
CVE-ID: CVE-2023-6004
CWE-ID:
CWE-78 - Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')
Exploit availability: No
DescriptionThe vulnerability allows a remote attacker to execute arbitrary shell commands on the target system.
The vulnerability exists due to improper input validation in OpenSSH client. If an invalid user or hostname that contained shell metacharacters was passed to ssh(1), and a ProxyCommand, LocalCommand directive or "match exec" predicate referenced the user or hostname via %u, %h or similar expansion token, then an attacker who could supply arbitrary user/hostnames to ssh(1) could potentially perform command injection depending on what quoting was present in the user-supplied ssh_config(5) directive.
Mitigation
Install update from vendor's website.
Vulnerable software versionsIBM MQ Operator: 2.0.0 - 3.1.3
CPE2.3- cpe:2.3:a:ibm_corporation:ibm_mq_operator:2.0.22:*:*:*:*:*:*:
- cpe:2.3:a:ibm_corporation:ibm_mq_operator:2.0.14:*:*:*:*:*:*:
- cpe:2.3:a:ibm_corporation:ibm_mq_operator:2.0.5:*:*:*:*:*:*:
http://www.ibm.com/support/pages/node/7157667
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
2) Unchecked Return Value
EUVDB-ID: #VU84540
Risk: Low
CVSSv3.1: 3.2 [CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:L/E:U/RL:O/RC:C]
CVE-ID: CVE-2023-6918
CWE-ID:
CWE-252 - Unchecked Return Value
Exploit availability: No
DescriptionThe vulnerability allows a remote attacker to perform a denial of service (DoS) attack.
The vulnerability exists due to libssh does not check for returned values of message digest (MD) operations in low memory conditions. A remote attacker can terminate the connection or force the library to use weak keys.
Install update from vendor's website.
Vulnerable software versionsIBM MQ Operator: 2.0.0 - 3.1.3
CPE2.3- cpe:2.3:a:ibm_corporation:ibm_mq_operator:2.0.22:*:*:*:*:*:*:
- cpe:2.3:a:ibm_corporation:ibm_mq_operator:2.0.14:*:*:*:*:*:*:
- cpe:2.3:a:ibm_corporation:ibm_mq_operator:2.0.5:*:*:*:*:*:*:
http://www.ibm.com/support/pages/node/7157667
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
3) Resource exhaustion
EUVDB-ID: #VU85552
Risk: Low
CVSSv3.1: 4.8 [CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C]
CVE-ID: CVE-2024-22365
CWE-ID:
CWE-400 - Resource exhaustion
Exploit availability: No
DescriptionThe vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to application does not properly control consumption of internal resources in pam_namespace. A local user can trigger resource exhaustion and perform a denial of service (DoS) attack.
MitigationInstall update from vendor's website.
Vulnerable software versionsIBM MQ Operator: 2.0.0 - 3.1.3
CPE2.3- cpe:2.3:a:ibm_corporation:ibm_mq_operator:2.0.22:*:*:*:*:*:*:
- cpe:2.3:a:ibm_corporation:ibm_mq_operator:2.0.14:*:*:*:*:*:*:
- cpe:2.3:a:ibm_corporation:ibm_mq_operator:2.0.5:*:*:*:*:*:*:
http://www.ibm.com/support/pages/node/7157667
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
4) Memory leak
EUVDB-ID: #VU88225
Risk: Medium
CVSSv3.1: 6.5 [CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C]
CVE-ID: CVE-2024-26458
CWE-ID:
CWE-401 - Missing release of memory after effective lifetime
Exploit availability: No
DescriptionThe vulnerability allows a remote attacker to perform a denial of service (DoS) attack.
The vulnerability exists due to memory leak in /krb5/src/lib/rpc/pmap_rmt.c. A remote attacker can perform a denial of service attack.
MitigationInstall update from vendor's website.
Vulnerable software versionsIBM MQ Operator: 2.0.0 - 3.1.3
CPE2.3- cpe:2.3:a:ibm_corporation:ibm_mq_operator:2.0.22:*:*:*:*:*:*:
- cpe:2.3:a:ibm_corporation:ibm_mq_operator:2.0.14:*:*:*:*:*:*:
- cpe:2.3:a:ibm_corporation:ibm_mq_operator:2.0.5:*:*:*:*:*:*:
http://www.ibm.com/support/pages/node/7157667
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
5) Insufficient verification of data authenticity
EUVDB-ID: #VU85658
Risk: Medium
CVSSv3.1: 5.7 [CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N/E:U/RL:O/RC:C]
CVE-ID: CVE-2023-7008
CWE-ID:
CWE-345 - Insufficient Verification of Data Authenticity
Exploit availability: No
DescriptionThe vulnerability allows a remote attacker to perform a MitM attack.
The vulnerability exists due to systemd-resolved accepts records of DNSSEC-signed domains even when they have no signature. A remote attacker can perform MitM attack.
Install update from vendor's website.
Vulnerable software versionsIBM MQ Operator: 2.0.0 - 3.1.3
CPE2.3- cpe:2.3:a:ibm_corporation:ibm_mq_operator:2.0.22:*:*:*:*:*:*:
- cpe:2.3:a:ibm_corporation:ibm_mq_operator:2.0.14:*:*:*:*:*:*:
- cpe:2.3:a:ibm_corporation:ibm_mq_operator:2.0.5:*:*:*:*:*:*:
http://www.ibm.com/support/pages/node/7157667
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
6) Resource exhaustion
EUVDB-ID: #VU88828
Risk: Medium
CVSSv3.1: 6.5 [CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C]
CVE-ID: CVE-2024-3651
CWE-ID:
CWE-400 - Resource exhaustion
Exploit availability: No
DescriptionThe vulnerability allows a remote attacker to perform a denial of service (DoS) attack.
The vulnerability exists due to application does not properly control consumption of internal resources within the idna.encode() function. A remote attacker can pass an overly long domain name to the application and perform a denial of service (DoS) attack.
MitigationInstall update from vendor's website.
Vulnerable software versionsIBM MQ Operator: 2.0.0 - 3.1.3
CPE2.3- cpe:2.3:a:ibm_corporation:ibm_mq_operator:2.0.22:*:*:*:*:*:*:
- cpe:2.3:a:ibm_corporation:ibm_mq_operator:2.0.14:*:*:*:*:*:*:
- cpe:2.3:a:ibm_corporation:ibm_mq_operator:2.0.5:*:*:*:*:*:*:
http://www.ibm.com/support/pages/node/7157667
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
7) Use of a broken or risky cryptographic algorithm
EUVDB-ID: #VU93487
Risk: Medium
CVSSv3.1: 5.2 [CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C]
CVE-ID: CVE-2024-27256
CWE-ID:
CWE-327 - Use of a Broken or Risky Cryptographic Algorithm
Exploit availability: No
DescriptionThe vulnerability allows a remote attacker to gain access to sensitive information.
The vulnerability exists due to usage of weak encryption algorithms. A remote attacker can decrypt sensitive information.
Install update from vendor's website.
Vulnerable software versionsIBM MQ Operator: 2.0.0 - 3.1.3
CPE2.3- cpe:2.3:a:ibm_corporation:ibm_mq_operator:2.0.22:*:*:*:*:*:*:
- cpe:2.3:a:ibm_corporation:ibm_mq_operator:2.0.14:*:*:*:*:*:*:
- cpe:2.3:a:ibm_corporation:ibm_mq_operator:2.0.5:*:*:*:*:*:*:
http://www.ibm.com/support/pages/node/7157667
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
