Ibm Mq For Hpe Nonstop vulnerabilities

7 known vulnerabilities affecting ibm/mq_for_hpe_nonstop.

Total CVEs

7

CISA KEV

0

Public exploits

0

Exploited in wild

0

Severity breakdown

HIGH3MEDIUM4

Vulnerabilities

Page 1 of 1

CVE-2024-51470MEDIUMCVSS 6.5≥ 8.1.0, < 8.1.0.26≥ 8.1.0, ≤ 8.1.0.252024-12-18

CVE-2024-51470 [MEDIUM] CWE-754 CVE-2024-51470: IBM MQ 9.1 LTS, 9.2 LTS, 9.3 LTS, 9.3 CD, 9.4 LTS, 9.4 CD, IBM MQ Appliance 9.3 LTS, 9.3 CD, 9.4 LTS IBM MQ 9.1 LTS, 9.2 LTS, 9.3 LTS, 9.3 CD, 9.4 LTS, 9.4 CD, IBM MQ Appliance 9.3 LTS, 9.3 CD, 9.4 LTS, and IBM MQ for HPE NonStop 8.1.0 through 8.1.0.25 could allow an authenticated user to cause a denial-of-service due to messages with improperly set values.

CVE-2022-40237HIGHCVSS 7.5v8.1.02023-02-27

CVE-2022-40237 [HIGH] CWE-20 CVE-2022-40237: IBM MQ for HPE NonStop 8.1.0 is vulnerable to a denial of service attack due to an error within the IBM MQ for HPE NonStop 8.1.0 is vulnerable to a denial of service attack due to an error within the CCDT and channel synchronization logic. IBM X-Force ID: 235727.

CVE-2022-22325MEDIUMCVSS 5.5v8.1.02022-05-13

CVE-2022-22325 [MEDIUM] CVE-2022-22325: IBM MQ (IBM MQ for HPE NonStop 8.1.0) can inadvertently disclose sensitive information under certain IBM MQ (IBM MQ for HPE NonStop 8.1.0) can inadvertently disclose sensitive information under certain circumstances to a local user from a stack trace. IBM X-Force ID: 218853.

CVE-2021-38950HIGHCVSS 7.8v8.0.4v8.1.02021-12-14

CVE-2021-38950 [HIGH] CVE-2021-38950: IBM MQ on HPE NonStop 8.0.4 and 8.1.0 is vulnerable to a privilege escalation attack when SharedBind IBM MQ on HPE NonStop 8.0.4 and 8.1.0 is vulnerable to a privilege escalation attack when SharedBindingsUserId is set to effective. IBM X-ForceID: 211404.

CVE-2020-4466MEDIUMCVSS 6.5v8.0.4v8.1.02020-07-20

CVE-2020-4466 [MEDIUM] CVE-2020-4466: IBM MQ for HPE NonStop 8.0.4 and 8.1.0 could allow a remote authenticated attacker could cause a den IBM MQ for HPE NonStop 8.0.4 and 8.1.0 could allow a remote authenticated attacker could cause a denial of service due to an error within the Queue processing function. IBM X-Force ID: 181563.

CVE-2020-4376MEDIUMCVSS 6.5v8.0.4v8.1.02020-07-01

CVE-2020-4376 [MEDIUM] CVE-2020-4376: IBM MQ, IBM MQ Appliance, IBM MQ for HPE NonStop 8.0.4 and 8.1.0 could allow an attacker to cause a IBM MQ, IBM MQ Appliance, IBM MQ for HPE NonStop 8.0.4 and 8.1.0 could allow an attacker to cause a denial of service caused by an error within the pubsub logic. IBM X-Force ID: 179081.

CVE-2020-4352HIGHCVSS 7.0v8.0.4v8.1.02020-05-29

CVE-2020-4352 [HIGH] CVE-2020-4352: IBM MQ on HPE NonStop 8.0.4 and 8.1.0 is vulnerable to a privilege escalation attack when running in IBM MQ on HPE NonStop 8.0.4 and 8.1.0 is vulnerable to a privilege escalation attack when running in restricted mode. IBM X-Force ID: 178427.