Known Vulnerabilities
CVE-2024-25048
IBM MQ Appliance 9.3 CD and LTS are vulnerable to a heap-based buffer overflow, caused by improper bounds checking. A remote authenticated attacker could overflow a buffer and execute arbitrary code on the system or cause the server to crash. IBM X-Force ID: 283137.
HIGH
CVSS 7.5
Published Apr 27, 2024
CVE-2023-46177
IBM MQ Appliance 9.3 LTS and 9.3 CD could allow a remote attacker to traverse directories on the system. An attacker could send a specially crafted URL request to view arbitrary files on the system. IBM X-Force ID: 269536.
MEDIUM
CVSS 6.5
Published Dec 18, 2023