IBM MQ Appliance
Moderate fix3 remedies
cpe:2.3:a:ibm:mq_appliance:*:*:*:*:*:*:*, +7 more
Moderate fix3 remedies
- 9.3 LTS
- 9.3 CD
- 9.4 LTS
- 9.4 CD
IBM MQ Appliance Sensitive Information Disclosure Vulnerability in Web Console Trace Files
Vulnerability
Patched
A vulnerability in IBM MQ Appliance versions 9.3 LTS, 9.3 CD, 9.4 LTS, and 9.4 CD allows for the disclosure of potentially sensitive information in trace files. This information could be accessed by a local user when the web console trace feature is enabled.
Impact
Exploitation of this vulnerability could lead to unauthorized access to sensitive information in trace files, which could be read by a local user.
Remediation
Users of IBM MQ Appliance 9.3 LTS should apply the cumulative security update 9.3.0.27. Users of IBM MQ Appliance 9.3 CD should upgrade to fix pack 9.4.0.10. Users of IBM MQ Appliance 9.4 LTS should apply fix pack 9.4.0.10. Users of IBM MQ Appliance 9.4 CD should apply the 9.4.2 continuous delivery firmware release.
Added: Jun 9, 2025, 7:46 PM
Updated: Jun 9, 2025, 7:46 PM
Vulnerability Rating
Custom Algorithm
spread
2.6impact
2.5exploitability
3.5remediation
7.7relevance
0.0threat
0.0urgency
2.9incentive
1.7Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.