Versions
9.2 CD
9.1.2
8.0.0.1
9.2.3
9.1.0.6
9.0.1
8.0.0.8
8.0.0.9
9.1.0.1
9.1.0.0
9.2.2
9.2.0.2
8.0.0.0
8.0.0.5
9.3 LTS, 9.3 CD
9.2
8.0.0.3
9.0.2
9.1.3
9.2.0.3
9.1.1
9.2.LTS
9.3 LTS, 9.3 CD, 9.4 LTS
9.2.0.1
8.0.0.10
9.0.5
9.2 LTS
9.1.5
9.1.LTS
9.2.1
8.0.0.7
8.0.0.2
9.1
9.2 LTS, 9.3 LTS, 9.2 CD, 9.2 LTS
8.0.0.11
8.0
9.1.CD
9.1.0.2
9.0.3
9.1.0.4
9.2.CD
9.2.0.0
9.1.0.3
9.1.0.5
8.0.0.4
9.3 CD
9.1.4
8.0.0.12
9.1.4.CD
8.0.0.13
8.0.0.6
9.0.4
Recent CVEs
CVE-2024-51471
IBM MQ Appliance 9.3 LTS, 9.3 CD, and 9.4 LTS web console could allow an authenticated user to cause a denial-of-service when trace is enabled due to information being written into memory outside of the intended buffer size.
CVE-2024-51470
IBM MQ 9.1 LTS, 9.2 LTS, 9.3 LTS, 9.3 CD, 9.4 LTS, 9.4 CD, IBM MQ Appliance 9.3 LTS, 9.3 CD, 9.4 LTS, and IBM MQ for HPE NonStop 8.1.0 through 8.1.0.25 could allow an authenticated user to cause a denial-of-service due to messages with improperly set values.
CVE-2024-25048
IBM MQ Appliance 9.3 CD and LTS are vulnerable to a heap-based buffer overflow, caused by improper bounds checking. A remote authenticated attacker could overflow a buffer and execute arbitrary code on the system or cause the server to crash. IBM X-Force ID: 283137.
CVE-2023-46177
IBM MQ Appliance 9.3 LTS and 9.3 CD could allow a remote attacker to traverse directories on the system. An attacker could send a specially crafted URL request to view arbitrary files on the system. IBM X-Force ID: 269536.
CVE-2023-46176
IBM MQ Appliance 9.3 CD could allow a local attacker to gain elevated privileges on the system, caused by improper validation of security keys. IBM X-Force ID: 269535.
CVE-2023-28513
IBM MQ 9.0 LTS, 9.1 LTS, 9.2 LTS, 9.3 LTS, 9.2 CD, and 9.3 CD and IBM MQ Appliance 9.2 LTS, 9.3 LTS, 9.2 CD, and 9.2 LTS, under certain configurations, is vulnerable to a denial of service attack caused by an error processing messages. IBM X-Force ID: 250397.