CVE-2022-43919Improper Input Validation in IBM MQ Appliance

CWE-20Improper Input Validation3 documents3 sources
Severity
6.5MEDIUMNVD
CNA5.3
EPSS
0.1%
top 75.22%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
2
IBM MQ ApplianceIBM MQ
Timeline
PublishedMay 5

Description

IBM MQ 9.2 CD, 9.2 LTS, 9.3 CD, and 9.3 LTS could allow an authenticated attacker with authorization to craft messages to cause a denial of service. IBM X-Force ID: 241354.

CVSS vector

CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:HExploitability: 2.8 | Impact: 3.6

Affected Packages2 packages

NVDibm/mq_appliance9.2.0.09.2.0.10+3
CVEListV5ibm/mq9.2 CD, 9.2 LTS, 9.3 CD, 9.3 LTS

Patches

Patch: www.ibm.comPatch: www.ibm.com

🔴Vulnerability Details

2
CVEList
IBM MQ denial of service2023-05-05
GHSA
GHSA-38hg-964r-m8jj: IBM MQ 92023-05-05
CVE-2022-43919 — Improper Input Validation in IBM | cvebase