IBM MQ Vulnerability – When Trace is activated, Internet Pass-Thru writes sensitive data to trace files.
This morning IBM Announced a newly discovered IBM MQ vulnerability. The issue is apparently Mitre is still researching the issue and has not written a description of it as the CVE entry is still showing up as “** RESERVED **“.
According to IBM, the MQ vulnerability stores potentially sensitive information in trace files that could be read by a local user. They give it a CVSS Base score of 5.1. and it effects the following versions:
IBM MQ Internet Pass-Thru 2.1
IBM MQ Internet Pass-Thru 9.2 LTS
IBM MQ Internet Pass-Thru 9.2 CDThe fix depends on the version. For the IBM MQ vulnerability in IBM MQ Internet Pass-Thru 2.1, the fix is to apply FixPack 2.1.0.6
With this IBM Includes a Note “MQ IPT 2.1.0.6 is provided on Solaris platforms only, for users with appropriate extended support entitlement. Contact IBM support to obtain the installation files for MQIPT 2.1.0.6 on Solaris. Users of MQ IPT 2.1 on all other platforms should migrate to one of the MQ IPT 9.2 levels listed below (or later).”
For 9.2 LTS there is a 9.2.0.6 interim fix for APAR IT41700
For Internet Pass-Thru 9.2 CD, the fix is to upgrade to IBM MQ Internet Pass-Thru 9.3.0.1 LTS or IBM MQ Internet Pass-Thru 9.3.1 CD[…]
Click here to view original MQ Vulnerability notice at www.ibm.com
With Infrared360’s Trusted Spaces™ users would not be able to access this sensitive information. Learn more about Infrared360® and Trusted Spaces™ here.
More Infrared360® Resources