PT-2021-22330 · Ibm · Ibm Mq
Published
2021-11-16
·
Updated
2021-11-17
·
CVE-2021-38949
CVSS v3.1
5.5
Medium
| Vector | AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N |
Name of the Vulnerable Software and Affected Versions
IBM MQ versions 7.5 through 9.1 LTS
Description
The issue allows user credentials to be stored in plain clear text, which can be read by a local user.
Recommendations
For IBM MQ versions 7.5 through 9.1 LTS, update to a version that does not store user credentials in plain text to prevent unauthorized access.
Fix
Cleartext Storage of Sensitive Information
Found an issue in the description? Have something to add? Feel free to write us 👾
Weakness Enumeration
Related Identifiers
Affected Products
Ibm Mq