HIGH🇬🇧 English

CVE-2025-0975

CVSS 8.8v3.1pub. 2025-02-28upd. 2025-07-03

IBM MQ 9.3 LTS, 9.3 CD, 9.4 LTS, and 9.4 CD console could allow an authenticated user to execute code due to improper neutralization of escape characters.

oryginał EN
CVSS Vector
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
  • IBM Mq Appliance

    APP
    Ibm
    9.3.0 – 9.4.29.3.0.0 – 9.3.0.279.4.0.0 – 9.4.0.10
🔵
ZWERYFIKUJ U PRODUCENTA
Brak jednoznacznych danych o patchu. Sprawdź referencje od producenta.
CWE
Referencje

Powiązane podatności

CVE-2020-4682CRITICAL9.8ten sam produkt

IBM MQ 7.5, 8.0, 9.0, 9.1, 9.2 LTS, and 9.2 CD could allow a remote attacker to execute arbitrary code on the ...

CVE-2024-25048HIGH7.5ten sam produkt

IBM MQ Appliance 9.3 CD and LTS are vulnerable to a heap-based buffer overflow, caused by improper bounds chec...

CVE-2024-25016HIGH7.5ten sam produkt

IBM MQ and IBM MQ Appliance 9.0, 9.1, 9.2, 9.3 LTS and 9.3 CD could allow a remote unauthenticated attacker to...

CVE-2020-4938HIGH8.8ten sam produkt

IBM MQ Appliance 9.1 and 9.2 is vulnerable to cross-site request forgery which could allow an attacker to exec...

CVE-2020-4375HIGH7.5ten sam produkt

IBM MQ, IBM MQ Appliance, IBM MQ for HPE NonStop 8.0, 9.1 CD, and 9.1 LTS could allow an attacker to cause a d...