IBM MQ Vulnerability – When Trace is activated, Internet Pass-Thru writes sensitive data to trace files.
This morning IBM Announced a newly discovered IBM MQ vulnerability. The issue is apparently Mitre is still researching the issue and has not written a description of it as the CVE entry is still showing up as “** RESERVED **“.
According to IBM, the MQ vulnerability stores potentially sensitive information in trace files that could be read by a local user. They give it a CVSS Base score of 5.1. and it effects the following versions:
IBM MQ Internet Pass-Thru 2.1
IBM MQ Internet Pass-Thru 9.2 LTS
IBM MQ Internet Pass-Thru 9.2 CD
The fix depends on the version. For the IBM MQ vulnerability in IBM MQ Internet Pass-Thru 2.1, the fix is to apply FixPack 18.104.22.168
With this IBM Includes a Note “MQ IPT 22.214.171.124 is provided on Solaris platforms only, for users with appropriate extended support entitlement. Contact IBM support to obtain the installation files for MQIPT 126.96.36.199 on Solaris. Users of MQ IPT 2.1 on all other platforms should migrate to one of the MQ IPT 9.2 levels listed below (or later).”
For 9.2 LTS there is a 188.8.131.52 interim fix for APAR IT41700
For Internet Pass-Thru 9.2 CD, the fix is to upgrade to IBM MQ Internet Pass-Thru 184.108.40.206 LTS or IBM MQ Internet Pass-Thru 9.3.1 CD[…]
Click here to view original MQ Vulnerability notice at www.ibm.com
With Infrared360’s Trusted Spaces™ users would not be able to access this sensitive information. Learn more about Infrared360® and Trusted Spaces™ here.