IBM MQ Appliance
Moderate fix3 remedies
cpe:2.3:a:ibm:mq_appliance:*:*:*:*:*:*:*, +7 more
Moderate fix3 remedies
- 9.3 LTS
- 9.3.0.0
- 9.3 CD
- 9.4.0.0
- 9.4 LTS
- 9.4 CD
IBM MQ Appliance Console Code Injection Vulnerability
Vulnerability
Patched
A code injection vulnerability has been identified in the IBM MQ Appliance Console, affecting versions 9.3 LTS, 9.3 CD, 9.4 LTS, and 9.4 CD. This vulnerability allows an authenticated user to execute code due to improper handling of escape characters.
Impact
Exploitation of this vulnerability could lead to unauthorized code execution on the affected system.
Remediation
Users of IBM MQ Appliance version 9.3 LTS should apply the cumulative security update 9.3.0.27. Users of version 9.3 CD should upgrade to fix pack 9.4.0.10. For version 9.4 LTS, apply fix pack 9.4.0.10, and for version 9.4 CD, apply the 9.4.2 continuous delivery firmware release.
Added: Jun 9, 2025, 7:46 PM
Updated: Jun 9, 2025, 7:46 PM
Vulnerability Rating
Custom Algorithm
spread
2.6impact
10.0exploitability
4.9remediation
7.7relevance
0.0threat
0.0urgency
2.9incentive
1.7Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.