PT-2025-2939 · Ibm · Ibm Mq
Published
2025-01-14
·
Updated
2025-07-03
·
CVE-2024-52898
CVSS v3.1
6.2
Medium
| Vector | AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N |
Name of the Vulnerable Software and Affected Versions
IBM MQ versions 9.3 LTS through 9.4 CD
Description
The web console of IBM MQ could allow a local user to obtain sensitive information when a detailed technical error message is returned.
Recommendations
For IBM MQ versions 9.3 LTS through 9.4 CD, consider restricting access to the web console to minimize the risk of exploitation until a patch is available.
At the moment, there is no information about a newer version that contains a fix for this vulnerability.
Generation of Error Message Containing Sensitive Information
Found an issue in the description? Have something to add? Feel free to write us 👾
Weakness Enumeration
Related Identifiers
Affected Products
Ibm Mq