CVE-2023-28950 — Vulnetix

Try Vulnetix Request Demo

CVE-2023-28950 PUBLISHED

In IBM MQ existieren mehrere Schwachstellen. Diese sind auf Fehler in der IBM Tracing Logik zurückzuführen. Ein lokaler Angreifer kann diese Schwachstellen ausnutzen, um Informationen offenzulegen.

EPSS 0.04% · 11.9th percentile

Risk Scores

EPSS Score

0.04%

11.9th percentile

Affected Products

Vendor	Product	Versions
IBM	IBM MQ 8.1
IBM	IBM MQ 9.2 CD
IBM	IBM MQ 9.3 LTS
IBM	IBM MQ 9.2 LTS
IBM	IBM MQ 8.0
IBM	IBM MQ 9.2.0
IBM	IBM MQ 9.0 LTS
IBM	IBM MQ 9.3 CD
IBM	IBM MQ 9.3.0

Timeline

May 1, 2023 CVE Published
May 19, 2023 PoC Published
May 20, 2023 EPSS Score
Jun 8, 2023 CVE Updated
Jun 25, 2023 EPSS Score
Jul 31, 2023 EPSS Score
Sep 4, 2023 EPSS Score
Oct 10, 2023 EPSS Score
Nov 15, 2023 EPSS Score
Dec 21, 2023 EPSS Score
Jan 26, 2024 EPSS Score
Mar 2, 2024 EPSS Score

References

https://wid.cert-bund.de/.well-known/csaf/white/2023/wid-sec-w-2023-1115.json advisory
https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2023-1115 advisory
http://www.ibm.com/support/pages/node/7001835 advisory
https://www.ibm.com/support/pages/node/6986563 advisory
https://www.ibm.com/support/pages/node/6986559 advisory
https://www.ibm.com/support/pages/node/6985901 advisory
https://www.ibm.com/support/pages/node/6985839 advisory
https://www.ibm.com/support/pages/node/6985837 advisory
https://www.ibm.com/support/pages/node/6985835 advisory
https://www.ibm.com/support/pages/node/6985833 advisory

Open in Interactive Console →