CVE-2023-45177: IBM MQ denial of service
Published Oct 31, 2023
·Updated
IBM MQ 9.0 LTS, 9.1 LTS, 9.2 LTS, 9.3 LTS and 9.3 CD is vulnerable to a denial-of-service attack due to an error within the MQ clustering logic. IBM X-Force ID: 268066.
Other sources
IBM MQ is vulnerable to a denial-of-service attack due to an error within the IBM MQ clustering logic.
— IBM
Affected Software
17 affected components
IBM MQ<=9.0 LTS
IBM MQ<=9.1 LTS
IBM MQ<=9.2 LTS
IBM MQ<=9.3 LTS
IBM MQ<=9.3 CD
All of the following
Any of the following
IBM MQ>=9.0.0.0<9.0.0.21
IBM MQ>=9.1.0.0<9.1.0.18
IBM MQ>=9.2.0.0<9.2.0.20
IBM MQ>=9.3.0<9.3.4
IBM MQ>=9.3.0.0<=9.3.0.10
Any of the following
HP HP-UX
IBM AIX
IBM i
IBM Linux On Ibm Z
Linux Linux kernel
Microsoft Windows
Oracle Solaris
Event History
Oct 31, 2023
CVE Published
via IBM·12:00 AM
Mar 20, 2024
CVE Published
via MITRE·05:29 PM
Data Sourced
via MITRE·05:29 PM
DescriptionSeverityWeakness
Data Sourced
via NVD·06:15 PM
DescriptionSeverityWeaknessAffected Software
Frequently Asked Questions
1
What is the severity of CVE-2023-45177?
CVE-2023-45177 is classified as a denial-of-service vulnerability.
2
Which versions of IBM MQ are affected by CVE-2023-45177?
CVE-2023-45177 affects IBM MQ versions 9.0 LTS, 9.1 LTS, 9.2 LTS, 9.3 LTS, and 9.3 CD.
3
How do I fix CVE-2023-45177?
To address CVE-2023-45177, you should update IBM MQ to the latest patched version provided by IBM.
4
What type of attack does CVE-2023-45177 enable?
CVE-2023-45177 enables a denial-of-service attack due to an error in the MQ clustering logic.
5
What action should be taken if my IBM MQ system is vulnerable to CVE-2023-45177?
If your IBM MQ system is vulnerable to CVE-2023-45177, it is recommended to apply the relevant security patches immediately.