IBM MQ Explorer Vulnerability

New IBM MQ Explorer Vulnerability

A new IBM MQ Explorer vulnerability has been announced.  MQ Explorer is vulnerable to an XML External Entity Injection (XXE) attack due to improper XML validation in the import Wizard.

CVE(s): CVE-2022-22489

Affected product(s) and affected version(s):

Affected Product(s) Version(s)
IBM MQ 9.1 LTS
IBM MQ 9.0 LTS
IBM MQ 8.0
IBM MQ 9.2 CD
IBM MQ 9.1 CD
IBM MQ 9.2 LTS

 

Refer to the following reference URLs for remediation and additional IBM MQ vulnerability details:  
Source Bulletin: https://www.ibm.com/support/pages/node/6613021
X-Force Database: https://exchange.xforce.ibmcloud.com/vulnerabilities/226339

[…]

 

Click here to view original web page at www.ibm.com

Click here to read about an alternative to IBM Explorer that lets you automate administration, get automated alerts and notifications, and integrate with central Enterprise consoles without scripts or agents. 

By |2022-08-23T15:53:59-04:00August 18th, 2022|Infrared360® Blog|0 Comments

Share This Story, Choose Your Platform!

About the Author:

Go to Top