CVE-2024-27255

Name of the Vulnerable Software and Affected Versions IBM MQ Operator versions 2.0.0 through 2.0.18, 2.2.0 through 2.2.2, 2.3.0 through 2.3.3, 2.4.0 through 2.4.7, 3.0.0, 3.0.1

Description The issue is related to the use of weaker than expected cryptographic algorithms in IBM MQ Operator, which could allow an attacker to decrypt highly sensitive information.

Recommendations For versions 2.0.0 through 2.0.18, consider updating to a version that uses stronger cryptographic algorithms. For versions 2.2.0 through 2.2.2, consider updating to a version that uses stronger cryptographic algorithms. For versions 2.3.0 through 2.3.3, consider updating to a version that uses stronger cryptographic algorithms. For versions 2.4.0 through 2.4.7, consider updating to a version that uses stronger cryptographic algorithms. For versions 3.0.0 and 3.0.1, consider updating to a version that uses stronger cryptographic algorithms. At the moment, there is no information about a newer version that contains a fix for this vulnerability.