IBM MQ 9.1.2 Continuous Delivery Edition

CPE Details

IBM MQ 9.1.2 Continuous Delivery Edition
ibm
mq
9.1.2
2019-09-10
10h59 +00:00
2019-09-10
10h59 +00:00
CPE NVD
Alerte pour un CPE
Stay informed of any changes for a specific CPE.
Notifications manage

CPE Name: cpe:2.3:a:ibm:mq:9.1.2:*:*:*:continuous_delivery:*:*:*

Informations

Vendor

ibm

Product

mq

Version

9.1.2

Software Edition

continuous_delivery

Related CVE

Open and find in CVE List

CVE ID Published Description Score Severity
CVE-2021-38949 2021-11-16 16h55 +00:00 IBM MQ 7.5, 8.0, 9.0 LTS, 9.1 CD, and 9.1 LTS stores user credentials in plain clear text which can be read by a local user. IBM X-Force ID: 211403.
5.5
Medium
CVE-2020-4320 2020-06-16 13h45 +00:00 IBM MQ Appliance and IBM MQ AMQP Channels 8.0, 9.0 LTS, 9.1 LTS, and 9.1 CD do not correctly block or allow clients based on the certificate distinguished name SSLPEER setting. IBM X-Force ID: 177403.
6.5
Medium
CVE-2020-4310 2020-06-16 13h45 +00:00 IBM MQ and MQ Appliance 7.1, 7.5, 8.0, 9.0 LTS, 9.1 LTS, and 9.1 C are vulnerable to a denial of service attack due to an error within the Data Conversion logic. IBM X-Force ID: 177081.
7.5
High
CVE-2020-4338 2020-04-16 15h35 +00:00 IBM MQ 9.1.4 could allow a local attacker to obtain sensitive information by inclusion of sensitive data within runmqras data. IBM X-Force ID: 177937.
5.5
Medium
CVE-2019-4762 2020-04-16 15h35 +00:00 IBM MQ 9.0 and 9.1 is vulnerable to a denial of service attack due to an error in the Channel processing function. IBM X-Force ID: 173625.
7.5
High
CVE-2019-4719 2020-03-16 15h25 +00:00 IBM MQ and IBM MQ Appliance 7.1, 7.5, 8.0, 9.0 LTS, 9.1 LTS, and 9.1 CD could allow a local attacker to obtain sensitive information by inclusion of sensitive data within runmqras data.
5.5
Medium
CVE-2019-4656 2020-03-16 15h25 +00:00 IBM MQ and IBM MQ Appliance 7.1, 7.5, 8.0, 9.0 LTS, 9.1 LTS, and 9.1 CD is vulnerable to a denial of service attack that would allow an authenticated user to crash the queue and require a restart due to an error processing error messages. IBM X-Force ID: 170967.
6.5
Medium
CVE-2019-4619 2020-03-16 15h25 +00:00 IBM MQ and IBM MQ Appliance 7.1, 7.5, 8.0, 9.0 LTS, 9.1 LTS, and 9.1 CD could allow a local attacker to obtain sensitive information by inclusion of sensitive data within trace. IBM X-Force ID: 168862.
5.5
Medium
CVE-2019-4614 2020-01-28 18h30 +00:00 IBM MQ and IBM MQ Appliance 8.0 and 9.0 LTS client connecting to a Queue Manager could cause a SIGSEGV denial of service caused by converting an invalid message. IBM X-Force ID: 168639.
6.5
Medium
CVE-2019-4655 2019-12-30 15h35 +00:00 IBM MQ 9.1.0.0, 9.1.0.1, 9.1.0.2, 9.1.0.3, 9.1.1, 9.1.2, and 9.1.3 is vulnerable to a denial of service attack that would allow an authenticated user to reset client connections due to an error within the Data Conversion routine. IBM X-Force ID: 170966.
4.3
Medium
CVE-2019-4227 2019-10-04 14h05 +00:00 IBM MQ 8.0.0.4 - 8.0.0.12, 9.0.0.0 - 9.0.0.6, 9.1.0.0 - 9.1.0.2, and 9.1.0 - 9.1.2 AMQP Listeners could allow an unauthorized user to conduct a session fixation attack due to clients not being disconnected as they should. IBM X-Force ID: 159352.
7.3
High
CVE-2019-4378 2019-09-26 15h05 +00:00 IBM MQ 7.5.0.0 - 7.5.0.9, 7.1.0.0 - 7.1.0.9, 8.0.0.0 - 8.0.0.12, 9.0.0.0 - 9.0.0.6, 9.1.0.0 - 9.1.0.2, and 9.1.0 - 9.1.2 command server is vulnerable to a denial of service attack caused by an authenticated and authorized user using specially crafted PCF messages. IBM X-Force ID: 162084.
6.5
Medium
CVE-2019-4261 2019-08-05 13h40 +00:00 IBM WebSphere MQ V7.1, 7.5, IBM MQ V8, IBM MQ V9.0LTS, IBM MQ V9.1 LTS, and IBM MQ V9.1 CD are vulnerable to a denial of service attack caused by specially crafted messages. IBM X-Force ID: 160013.
6.5
Medium