CVE-2023-22874: IBM MQ denial of service
Published Apr 26, 2023
·Updated
IBM MQ Clients 9.2 CD, 9.3 CD, and 9.3 LTS are vulnerable to a denial of service attack when processing configuration files. IBM X-Force ID: 244216.
Other sources
IBM MQ Clients are vulnerable to a denial of service attack when processing configuration files.
— IBM
Affected Software
8 affected components
IBM MQ<=9.2.CD
IBM MQ<=9.3.CD
IBM MQ<=9.3.LTS
IBM MQ<=9.2 CD
IBM MQ<=9.3 CD
IBM MQ<=9.3 LTS
IBM MQ Appliance>=9.2.0.0<9.3.2
IBM MQ Appliance>=9.3.0.0<9.3.0.5
Remediation
Patch Available
Event History
Apr 26, 2023
CVE Published
via IBM·12:00 AM
Apr 28, 2023
Advisory Published
12:00 AM
May 5, 2023
CVE Published
via MITRE·02:57 PM
Data Sourced
via MITRE·02:57 PM
DescriptionSeverityWeakness
Data Sourced
03:15 PM
Description
Frequently Asked Questions
1
What is CVE-2023-22874?
CVE-2023-22874 is a vulnerability in IBM MQ Clients 9.2 CD, 9.3 CD, and 9.3 LTS that allows for a denial of service attack when processing configuration files.
2
How severe is CVE-2023-22874?
CVE-2023-22874 has a severity rating of medium.
3
Which software versions are affected by CVE-2023-22874?
IBM MQ Clients 9.2 CD, 9.3 CD, and 9.3 LTS are affected by CVE-2023-22874.
4
How can I fix CVE-2023-22874?
To fix CVE-2023-22874, update IBM MQ Clients to a version that is not vulnerable.
5
Where can I find more information about CVE-2023-22874?
You can find more information about CVE-2023-22874 on the IBM support pages, IBM X-Force exchange, and CVE Mitre.