exploitDog

CVE-2022-35719

Опубликовано: 14 нояб. 2022

Источник: nvd

CVSS3: 5.1

CVSS3: 5.5

EPSS Низкий

Описание

IBM MQ Internet Pass-Thru 2.1, 9.2 LTS and 9.2 CD stores potentially sensitive information in trace files that could be read by a local user.

Ссылки

https://exchange.xforce.ibmcloud.com/vulnerabilities/231370
VDB Entry
Vendor Advisory
https://www.ibm.com/support/pages/node/6838559
Patch
Vendor Advisory
https://exchange.xforce.ibmcloud.com/vulnerabilities/231370
VDB Entry
Vendor Advisory
https://www.ibm.com/support/pages/node/6838559
Patch
Vendor Advisory

Уязвимые конфигурации

Конфигурация 1

Одно из

cpe:2.3:a:ibm:mq_internet_pass-thru:2.1:*:*:*:*:*:*:*

cpe:2.3:a:ibm:mq_internet_pass-thru:9.2:*:*:*:continuous_delivery:*:*:*

cpe:2.3:a:ibm:mq_internet_pass-thru:9.2:*:*:*:lts:*:*:*

EPSS

Процентиль: 29%

0.00107

Низкий

5.1 Medium

CVSS3

5.5 Medium

CVSS3

Дефекты

CWE-532

CWE-532

Связанные уязвимости

GHSA-w2mg-q8wx-4hqp

CVSS3: 5.5

github

около 3 лет назад

IBM MQ Internet Pass-Thru 2.1, 9.2 LTS and 9.2 CD stores potentially sensitive information in trace files that could be read by a local user.

EPSS

Процентиль: 29%

0.00107

Низкий

5.1 Medium

CVSS3

5.5 Medium

CVSS3

Дефекты

CWE-532

CWE-532