IBM MQ Operator and Container Images Sensitive Information Disclosure Vulnerability

Vulnerability

A vulnerability exists in IBM MQ Container when used with the IBM MQ Operator, specifically versions LTS 2.0.0 through 2.0.29, CD 3.0.0, 3.0.1, 3.1.0 through 3.1.3, 3.3.0, 3.4.0, 3.4.1, 3.5.0, 3.5.1, and SC2 3.2.0 through 3.2.10, all configured with Cloud Pak for Integration Keycloak. This vulnerability could allow a privileged user to access sensitive information.

Impact

Exploitation of this vulnerability could lead to unauthorized access to sensitive information by a privileged user.

Remediation

Users can upgrade to IBM MQ Operator v3.5.2 CD release, v3.2.11 SC2 release, or IBM MQ Container 9.4.2.1-r1 release. Details for these releases are available in the IBM Security Bulletin.

Added: Jun 9, 2025, 7:46 PM
Updated: Jun 9, 2025, 7:46 PM

Vulnerability Rating

Custom Algorithm

spread: 1.2
impact: 2.5
exploitability: 2.8
remediation: 7.7
relevance: 0.0
threat: 0.0
urgency: 2.9
incentive: 1.7

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.