CVE-2023-26284
7.5
CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
Summary
IBM MQ Certified Container 9.3.0.1 through 9.3.0.3 and 9.3.1.0 through 9.3.1.1 could allow authenticated users with the cluster to be granted administration access to the MQ console due to improper access controls. IBM X-Force ID: 248417.
Affected Software
| Vendor | Product | Version Range | Status |
|---|---|---|---|
| IBM | MQ Certified Container | 9.3.0.1 < 9.3.0.3 | affected |
| IBM | MQ Certified Container | 9.3.1.0 < 9.3.1.1 | affected |
Weaknesses
- 284 Improper Access Control
ADP Enrichment
CVE Program Container
Additional References
- https://www.ibm.com/support/pages/node/6960201
- https://exchange.xforce.ibmcloud.com/vulnerabilities/248417
CISA ADP Vulnrichment
- SSVC:
- Exploitation: none
- Automatable: no
- Technical Impact: total
References
- https://www.ibm.com/support/pages/node/6960201
- https://exchange.xforce.ibmcloud.com/vulnerabilities/248417
Feedback
Was this page helpful?
Glad to hear it! Please tell us how we can improve.
Sorry to hear that. Please tell us how we can improve.