CVE-2023-26285 — Vulnetix

CVE-2023-26285 PUBLISHED

In IBM MQ existieren mehrere Schwachstellen. Diese sind auf Fehler beim Verarbeiten von verschiedenen Dateitypen zurückzuführen. Ein entfernter, anonymer Angreifer kann diese Schwachstelle ausnutzen, um einen Denial of Service Zustand herbeizuführen.

EPSS 0.09% · 26.1th percentile

Risk Scores

EPSS Score

0.09%

26.1th percentile

Affected Products

Vendor	Product	Versions
IBM	IBM MQ 8.1
IBM	IBM MQ 8.0
IBM	IBM MQ 9.3 LTS
IBM	IBM MQ 9.2 LTS
IBM	IBM MQ 9.2 CD
IBM	IBM MQ 9.2.0
IBM	IBM MQ 9.3 CD
IBM	IBM MQ 9.0 LTS
IBM	IBM MQ 9.3.0

Exploit Intelligence

CIRCL seen: CVE-2023-26285 (circl-sighting)
https://www.ibm.com/support/pages/node/6986563 (circl)
https://exchange.xforce.ibmcloud.com/vulnerabilities/248418 (circl)

Timeline

May 1, 2023 CVE Published
May 5, 2023 PoC Published
May 6, 2023 EPSS Score
Jun 8, 2023 CVE Updated
Jun 12, 2023 EPSS Score
Jul 19, 2023 EPSS Score
Aug 25, 2023 EPSS Score
Oct 1, 2023 EPSS Score
Nov 6, 2023 EPSS Score
Dec 13, 2023 EPSS Score
Jan 19, 2024 EPSS Score
Feb 25, 2024 EPSS Score

References

https://wid.cert-bund.de/.well-known/csaf/white/2023/wid-sec-w-2023-1115.json advisory
https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2023-1115 advisory
http://www.ibm.com/support/pages/node/7001835 advisory
https://www.ibm.com/support/pages/node/6986563 advisory
https://www.ibm.com/support/pages/node/6986559 advisory
https://www.ibm.com/support/pages/node/6985901 advisory
https://www.ibm.com/support/pages/node/6985839 advisory
https://www.ibm.com/support/pages/node/6985837 advisory
https://www.ibm.com/support/pages/node/6985835 advisory
https://www.ibm.com/support/pages/node/6985833 advisory

Open in Interactive Console →