CVE-2023-26284

Summary

IBM MQ Certified Container 9.3.0.1 through 9.3.0.3 and 9.3.1.0 through 9.3.1.1 could allow authenticated users with the cluster to be granted administration access to the MQ console due to improper access controls. IBM X-Force ID: 248417.

Affected Software

VendorProductVersion RangeStatus
IBMMQ Certified Container9.3.0.1 < 9.3.0.3affected
IBMMQ Certified Container9.3.1.0 < 9.3.1.1affected

Weaknesses

  • 284 Improper Access Control

ADP Enrichment

CVE Program Container

Additional References

CISA ADP Vulnrichment

  • SSVC:
  • Exploitation: none
    • Automatable: no
    • Technical Impact: total

References