CVE-2025-0975
published 2025-02-28CVE-2025-0975: IBM MQ 9.3 LTS, 9.3 CD, 9.4 LTS, and 9.4 CD console could allow an authenticated user to execute code due to improper neutralization of escape characters.
high8.8CVSS 3.1
AVNACLPRLUINSUCHIHAH
IBM MQ 9.3 LTS, 9.3 CD, 9.4 LTS, and 9.4 CD console could allow an authenticated user to execute code due to improper neutralization of escape characters.
Affected
4 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| ibm | mq | — | — |
| ibm | mq_appliance | 9.3.0 – 9.4.2 | — |
| ibm | mq_appliance | 9.3.0.0 – 9.3.0.27 | — |
| ibm | mq_appliance | 9.4.0.0 – 9.4.0.10 | — |