CVE-2024-31912

CWE-2663 documents3 sources
Severity
8.8HIGH
EPSS
0.2%
top 53.52%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
1
IBM MQ
Timeline
PublishedJun 28

Description

IBM MQ 9.3 LTS and 9.3 CD could allow an authenticated user to escalate their privileges under certain configurations due to incorrect privilege assignment. IBM X-Force ID: 289894.

CVSS vector

CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:HExploitability: 1.6 | Impact: 5.9

Affected Packages2 packages

CVEListV5ibm/mq9.3 LTS and 9.3 CD
NVDibm/mq9.3.0

🔴Vulnerability Details

2
CVEList
IBM MQ privilege escalation2024-06-28
GHSA
GHSA-4qqh-789f-3w2h: IBM MQ 92024-06-28
CVE-2024-31912 (HIGH CVSS 8.8) | IBM MQ 9.3 LTS and 9.3 CD could all | cvebase.io