Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
IBM MQ security bypass
Vulnerability Description
IBM MQ 9.1 LTS, 9.2 LTS, 9.3 LTS, 9.3 CD, 9.4 LTS, and 9.4 CD could allow an authenticated user in a specifically defined role, to bypass security restrictions and execute actions against the queue manager.
CVSS Information
CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
Vulnerability Type
特权授予不正确
Vulnerability Title
IBM MQ Operator 安全漏洞
Vulnerability Description
IBM MQ Operator是美国国际商业机器(IBM)公司的一种用于管理 IBM MQ 队列管理器生命周期的工具。 IBM MQ Operator 2.0.26版本和3.2.4版本存在安全漏洞,该漏洞源于特定定义的角色中的已认证用户可以绕过安全限制并对队列管理器执行操作。
CVSS Information
N/A
Vulnerability Type
N/A