CVE-2025-0975

Summary

IBM MQ 9.3 LTS, 9.3 CD, 9.4 LTS, and 9.4 CD console could allow an authenticated user to execute code due to improper neutralization of escape characters.

Affected Software

VendorProductVersion RangeStatus
IBMMQ9.3 LTS, 9.3 CD, 9.4 LTS, 9.4 CDaffected

Weaknesses

  • CWE-150: CWE-150 Improper Neutralization of Escape, Meta, or Control Sequences

ADP Enrichment

CISA ADP Vulnrichment

  • SSVC:
  • Exploitation: none
    • Automatable: no
    • Technical Impact: total

References