Логотип exploitDog
Консоль
Логотип exploitDog

exploitDog

nvd логотип

CVE-2024-27256

Опубликовано: 27 янв. 2025
Источник: nvd
CVSS3: 5.9
CVSS3: 7.5
EPSS Низкий

Описание

IBM MQ Container 3.0.0, 3.0.1, 3.1.0 through 3.1.3 CD, 2.0.0 LTS through 2.0.22 LTS and 2.4.0 through 2.4.8, 2.3.0 through 2.3.3, 2.2.0 through 2.2.2 uses weaker than expected cryptographic algorithms that could allow an attacker to decrypt highly sensitive information.

Ссылки

Уязвимые конфигурации

Конфигурация 1

Одно из

cpe:2.3:a:ibm:mq_operator:*:*:*:*:lts:*:*:*
Версия от 2.0.0 (включая) до 2.0.22 (включая)
cpe:2.3:a:ibm:mq_operator:*:*:*:*:-:*:*:*
Версия от 2.2.0 (включая) до 2.2.2 (включая)
cpe:2.3:a:ibm:mq_operator:*:*:*:*:-:*:*:*
Версия от 2.3.0 (включая) до 2.3.3 (включая)
cpe:2.3:a:ibm:mq_operator:*:*:*:*:-:*:*:*
Версия от 2.4.0 (включая) до 2.4.8 (включая)
cpe:2.3:a:ibm:mq_operator:*:*:*:*:cd:*:*:*
Версия от 3.1.0 (включая) до 3.1.3 (включая)
cpe:2.3:a:ibm:mq_operator:3.0.0:*:*:*:cd:*:*:*
cpe:2.3:a:ibm:mq_operator:3.0.1:*:*:*:cd:*:*:*
cpe:2.3:a:ibm:supplied_mq_advanced_container_images:9.2.0.1:r1-eus:*:*:-:*:*:*
cpe:2.3:a:ibm:supplied_mq_advanced_container_images:9.2.0.1:r1-eus:*:*:lts:*:*:*
cpe:2.3:a:ibm:supplied_mq_advanced_container_images:9.2.0.2:r1-eus:*:*:-:*:*:*
cpe:2.3:a:ibm:supplied_mq_advanced_container_images:9.2.0.2:r1-eus:*:*:lts:*:*:*
cpe:2.3:a:ibm:supplied_mq_advanced_container_images:9.2.0.2:r2-eus:*:*:-:*:*:*
cpe:2.3:a:ibm:supplied_mq_advanced_container_images:9.2.0.2:r2-eus:*:*:lts:*:*:*
cpe:2.3:a:ibm:supplied_mq_advanced_container_images:9.2.0.4:r1-eus:*:*:-:*:*:*
cpe:2.3:a:ibm:supplied_mq_advanced_container_images:9.2.0.4:r1-eus:*:*:lts:*:*:*
cpe:2.3:a:ibm:supplied_mq_advanced_container_images:9.2.0.5:r1-eus:*:*:-:*:*:*
cpe:2.3:a:ibm:supplied_mq_advanced_container_images:9.2.0.5:r1-eus:*:*:lts:*:*:*
cpe:2.3:a:ibm:supplied_mq_advanced_container_images:9.2.0.5:r2-eus:*:*:-:*:*:*
cpe:2.3:a:ibm:supplied_mq_advanced_container_images:9.2.0.5:r2-eus:*:*:lts:*:*:*
cpe:2.3:a:ibm:supplied_mq_advanced_container_images:9.2.0.5:r3-eus:*:*:-:*:*:*
cpe:2.3:a:ibm:supplied_mq_advanced_container_images:9.2.0.5:r3-eus:*:*:lts:*:*:*
cpe:2.3:a:ibm:supplied_mq_advanced_container_images:9.2.0.6:r1-eus:*:*:-:*:*:*
cpe:2.3:a:ibm:supplied_mq_advanced_container_images:9.2.0.6:r1-eus:*:*:lts:*:*:*
cpe:2.3:a:ibm:supplied_mq_advanced_container_images:9.2.0.6:r2-eus:*:*:-:*:*:*
cpe:2.3:a:ibm:supplied_mq_advanced_container_images:9.2.0.6:r2-eus:*:*:lts:*:*:*
cpe:2.3:a:ibm:supplied_mq_advanced_container_images:9.2.0.6:r3-eus:*:*:-:*:*:*
cpe:2.3:a:ibm:supplied_mq_advanced_container_images:9.2.0.6:r3-eus:*:*:lts:*:*:*
cpe:2.3:a:ibm:supplied_mq_advanced_container_images:9.2.3.0:r1:*:*:-:*:*:*
cpe:2.3:a:ibm:supplied_mq_advanced_container_images:9.2.4.0:r1:*:*:-:*:*:*
cpe:2.3:a:ibm:supplied_mq_advanced_container_images:9.2.4.0:r1:*:*:lts:*:*:*
cpe:2.3:a:ibm:supplied_mq_advanced_container_images:9.2.5.0:r1:*:*:-:*:*:*
cpe:2.3:a:ibm:supplied_mq_advanced_container_images:9.2.5.0:r1:*:*:lts:*:*:*
cpe:2.3:a:ibm:supplied_mq_advanced_container_images:9.2.5.0:r2:*:*:-:*:*:*
cpe:2.3:a:ibm:supplied_mq_advanced_container_images:9.2.5.0:r2:*:*:lts:*:*:*
cpe:2.3:a:ibm:supplied_mq_advanced_container_images:9.2.5.0:r3:*:*:-:*:*:*
cpe:2.3:a:ibm:supplied_mq_advanced_container_images:9.2.5.0:r3:*:*:lts:*:*:*
cpe:2.3:a:ibm:supplied_mq_advanced_container_images:9.3.0.0:r1:*:*:-:*:*:*
cpe:2.3:a:ibm:supplied_mq_advanced_container_images:9.3.0.0:r1:*:*:lts:*:*:*
cpe:2.3:a:ibm:supplied_mq_advanced_container_images:9.3.0.0:r2:*:*:-:*:*:*
cpe:2.3:a:ibm:supplied_mq_advanced_container_images:9.3.0.0:r2:*:*:lts:*:*:*
cpe:2.3:a:ibm:supplied_mq_advanced_container_images:9.3.0.0:r3:*:*:-:*:*:*
cpe:2.3:a:ibm:supplied_mq_advanced_container_images:9.3.0.0:r3:*:*:lts:*:*:*
cpe:2.3:a:ibm:supplied_mq_advanced_container_images:9.3.0.1:r1:*:*:-:*:*:*
cpe:2.3:a:ibm:supplied_mq_advanced_container_images:9.3.0.1:r1:*:*:lts:*:*:*
cpe:2.3:a:ibm:supplied_mq_advanced_container_images:9.3.0.1:r2:*:*:-:*:*:*
cpe:2.3:a:ibm:supplied_mq_advanced_container_images:9.3.0.1:r2:*:*:lts:*:*:*
cpe:2.3:a:ibm:supplied_mq_advanced_container_images:9.3.0.1:r3:*:*:-:*:*:*
cpe:2.3:a:ibm:supplied_mq_advanced_container_images:9.3.0.1:r3:*:*:lts:*:*:*
cpe:2.3:a:ibm:supplied_mq_advanced_container_images:9.3.0.1:r4:*:*:-:*:*:*
cpe:2.3:a:ibm:supplied_mq_advanced_container_images:9.3.0.1:r4:*:*:lts:*:*:*
cpe:2.3:a:ibm:supplied_mq_advanced_container_images:9.3.0.3:r1:*:*:-:*:*:*
cpe:2.3:a:ibm:supplied_mq_advanced_container_images:9.3.0.3:r1:*:*:lts:*:*:*
cpe:2.3:a:ibm:supplied_mq_advanced_container_images:9.3.0.4:r1:*:*:-:*:*:*
cpe:2.3:a:ibm:supplied_mq_advanced_container_images:9.3.0.4:r1:*:*:lts:*:*:*
cpe:2.3:a:ibm:supplied_mq_advanced_container_images:9.3.0.4:r2:*:*:-:*:*:*
cpe:2.3:a:ibm:supplied_mq_advanced_container_images:9.3.0.4:r2:*:*:lts:*:*:*
cpe:2.3:a:ibm:supplied_mq_advanced_container_images:9.3.0.5:r1:*:*:-:*:*:*
cpe:2.3:a:ibm:supplied_mq_advanced_container_images:9.3.0.5:r1:*:*:lts:*:*:*
cpe:2.3:a:ibm:supplied_mq_advanced_container_images:9.3.0.5:r2:*:*:-:*:*:*
cpe:2.3:a:ibm:supplied_mq_advanced_container_images:9.3.0.5:r2:*:*:lts:*:*:*
cpe:2.3:a:ibm:supplied_mq_advanced_container_images:9.3.0.5:r3:*:*:-:*:*:*
cpe:2.3:a:ibm:supplied_mq_advanced_container_images:9.3.0.5:r3:*:*:lts:*:*:*
cpe:2.3:a:ibm:supplied_mq_advanced_container_images:9.3.0.6:r1:*:*:-:*:*:*
cpe:2.3:a:ibm:supplied_mq_advanced_container_images:9.3.0.6:r1:*:*:lts:*:*:*
cpe:2.3:a:ibm:supplied_mq_advanced_container_images:9.3.0.10:r1:*:*:lts:*:*:*
cpe:2.3:a:ibm:supplied_mq_advanced_container_images:9.3.0.10:r2:*:*:lts:*:*:*
cpe:2.3:a:ibm:supplied_mq_advanced_container_images:9.3.0.11:r1:*:*:lts:*:*:*
cpe:2.3:a:ibm:supplied_mq_advanced_container_images:9.3.0.11:r2:*:*:lts:*:*:*
cpe:2.3:a:ibm:supplied_mq_advanced_container_images:9.3.0.15:r1:*:*:lts:*:*:*
cpe:2.3:a:ibm:supplied_mq_advanced_container_images:9.3.0.16:r1:*:*:lts:*:*:*
cpe:2.3:a:ibm:supplied_mq_advanced_container_images:9.3.0.16:r2:*:*:lts:*:*:*
cpe:2.3:a:ibm:supplied_mq_advanced_container_images:9.3.0.17:r1:*:*:lts:*:*:*
cpe:2.3:a:ibm:supplied_mq_advanced_container_images:9.3.0.17:r2:*:*:lts:*:*:*
cpe:2.3:a:ibm:supplied_mq_advanced_container_images:9.3.1.0:r1:*:*:-:*:*:*
cpe:2.3:a:ibm:supplied_mq_advanced_container_images:9.3.1.0:r2:*:*:-:*:*:*
cpe:2.3:a:ibm:supplied_mq_advanced_container_images:9.3.1.0:r3:*:*:-:*:*:*
cpe:2.3:a:ibm:supplied_mq_advanced_container_images:9.3.1.1:r1:*:*:-:*:*:*
cpe:2.3:a:ibm:supplied_mq_advanced_container_images:9.3.2.0:r1:*:*:-:*:*:*
cpe:2.3:a:ibm:supplied_mq_advanced_container_images:9.3.2.0:r2:*:*:-:*:*:*
cpe:2.3:a:ibm:supplied_mq_advanced_container_images:9.3.2.1:r1:*:*:-:*:*:*
cpe:2.3:a:ibm:supplied_mq_advanced_container_images:9.3.2.1:r2:*:*:-:*:*:*
cpe:2.3:a:ibm:supplied_mq_advanced_container_images:9.3.3.0:r1:*:*:-:*:*:*
cpe:2.3:a:ibm:supplied_mq_advanced_container_images:9.3.3.0:r2:*:*:-:*:*:*
cpe:2.3:a:ibm:supplied_mq_advanced_container_images:9.3.3.1:r1:*:*:-:*:*:*
cpe:2.3:a:ibm:supplied_mq_advanced_container_images:9.3.3.1:r2:*:*:-:*:*:*
cpe:2.3:a:ibm:supplied_mq_advanced_container_images:9.3.3.2:r1:*:*:-:*:*:*
cpe:2.3:a:ibm:supplied_mq_advanced_container_images:9.3.3.2:r2:*:*:-:*:*:*
cpe:2.3:a:ibm:supplied_mq_advanced_container_images:9.3.3.2:r3:*:*:-:*:*:*
cpe:2.3:a:ibm:supplied_mq_advanced_container_images:9.3.3.3:r1:*:*:-:*:*:*
cpe:2.3:a:ibm:supplied_mq_advanced_container_images:9.3.3.3:r2:*:*:-:*:*:*
cpe:2.3:a:ibm:supplied_mq_advanced_container_images:9.3.4.0:r1:*:*:cd:*:*:*
cpe:2.3:a:ibm:supplied_mq_advanced_container_images:9.3.4.1:r1:*:*:cd:*:*:*
cpe:2.3:a:ibm:supplied_mq_advanced_container_images:9.3.5.0:r1:*:*:cd:*:*:*
cpe:2.3:a:ibm:supplied_mq_advanced_container_images:9.3.5.0:r2:*:*:cd:*:*:*
cpe:2.3:a:ibm:supplied_mq_advanced_container_images:9.3.5.1:r1:*:*:cd:*:*:*
cpe:2.3:a:ibm:supplied_mq_advanced_container_images:9.3.5.1:r2:*:*:cd:*:*:*

EPSS

Процентиль: 18%
0.00058
Низкий

5.9 Medium

CVSS3

7.5 High

CVSS3

Дефекты

CWE-327

Связанные уязвимости

github логотип

GHSA-p373-f88m-9rm3

CVSS3: 5.9
github
около 1 года назад

IBM MQ Container 3.0.0, 3.0.1, 3.1.0 through 3.1.3 CD, 2.0.0 LTS through 2.0.22 LTS and 2.4.0 through 2.4.8, 2.3.0 through 2.3.3, 2.2.0 through 2.2.2 uses weaker than expected cryptographic algorithms that could allow an attacker to decrypt highly sensitive information.

fstec логотип

BDU:2025-00900

CVSS3: 5.9
fstec
почти 2 года назад

Уязвимость программного средства управления контейнеризованными средами IBM MQ Operator, связаная с использованием криптографических алгоритмов, содержащих дефекты, позволяющая нарушителю раскрыть защищаемую информацию

EPSS

Процентиль: 18%
0.00058
Низкий

5.9 Medium

CVSS3

7.5 High

CVSS3

Дефекты

CWE-327