Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
IBM MQ Certified Container improper access controls
Vulnerability Description
IBM MQ Certified Container 9.3.0.1 through 9.3.0.3 and 9.3.1.0 through 9.3.1.1 could allow authenticated users with the cluster to be granted administration access to the MQ console due to improper access controls. IBM X-Force ID: 248417.
CVSS Information
CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
Vulnerability Type
N/A
Vulnerability Title
IBM MQ 安全漏洞
Vulnerability Description
IBM MQ(IBM WebSphere MQ)是美国国际商业机器(IBM)公司的一款消息传递中间件产品。该产品主要为面向服务的体系结构(SOA)提供可靠的、经过验证的消息传递主干网。 IBM MQ Certified Container 9.3.0.1 到 9.3.0.3版本、 9.3.1.0 到 9.3.1.1版本存在安全漏洞,该漏洞源于允许经过身份验证的集群用户被授予对 MQ 控制台的管理访问权限。
CVSS Information
N/A
Vulnerability Type
N/A