Mq Appliance
by IBM
CVEs (48)
| CVE | Vendor / Product | Sev | Risk | CVSS | EPSS | KEV | Published | Description |
|---|---|---|---|---|---|---|---|---|
| CVE-2020-4498 | Med | 0.29 | 4.4 | 0.00 | Jul 27, 2020 | IBM MQ Appliance 9.1 LTS and 9.1 CD could allow a local privileged user to obtain highly sensitve information due to inclusion of data within trace files. IBM X-Force ID: 182118. | ||
| CVE-2020-4319 | Med | 0.28 | 4.3 | 0.01 | Jul 28, 2020 | IBM MQ, IBM MQ Appliance, and IBM MQ for HPE NonStop 8.0, 9.1 LTS, and 9.1 CD could allow under special circumstances, an authenticated user to obtain sensitive information due to a data leak from an error message within the pre-v7 pubsub logic. IBM X-Force ID: 177402. | ||
| CVE-2025-14456 | 0.00 | — | 0.00 | Mar 3, 2026 | IBM MQ Appliance 9.4 CD through 9.4.4.0 to 9.4.4.1 | |||
| CVE-2025-3631 | 0.00 | — | 0.00 | Jul 11, 2025 | An IBM MQ 9.3 and 9.4 Client connecting to an MQ Queue Manager can cause a SIGSEGV in the AMQRMPPA channel process terminating it. | |||
| CVE-2024-51471 | 0.00 | — | 0.00 | Dec 19, 2024 | IBM MQ Appliance 9.3 LTS, 9.3 CD, and 9.4 LTS web console could allow an authenticated user to cause a denial-of-service when trace is enabled due to information being written into memory outside of the intended buffer size. | |||
| CVE-2024-51470 | 0.00 | — | 0.01 | Dec 18, 2024 | IBM MQ 9.1 LTS, 9.2 LTS, 9.3 LTS, 9.3 CD, 9.4 LTS, 9.4 CD, IBM MQ Appliance 9.3 LTS, 9.3 CD, 9.4 LTS, and IBM MQ for HPE NonStop 8.1.0 through 8.1.0.25 could allow an authenticated user to cause a denial-of-service due to messages with improperly set values. | |||
| CVE-2024-25048 | 0.00 | — | 0.01 | Apr 27, 2024 | IBM MQ Appliance 9.3 CD and LTS are vulnerable to a heap-based buffer overflow, caused by improper bounds checking. A remote authenticated attacker could overflow a buffer and execute arbitrary code on the system or cause the server to crash. IBM X-Force ID: 283137. | |||
| CVE-2024-25016 | 0.00 | — | 0.01 | Mar 3, 2024 | IBM MQ and IBM MQ Appliance 9.0, 9.1, 9.2, 9.3 LTS and 9.3 CD could allow a remote unauthenticated attacker to cause a denial of service due to incorrect buffering logic. IBM X-Force ID: 281279. |
- risk 0.29cvss 4.4epss 0.00
IBM MQ Appliance 9.1 LTS and 9.1 CD could allow a local privileged user to obtain highly sensitve information due to inclusion of data within trace files. IBM X-Force ID: 182118.
- risk 0.28cvss 4.3epss 0.01
IBM MQ, IBM MQ Appliance, and IBM MQ for HPE NonStop 8.0, 9.1 LTS, and 9.1 CD could allow under special circumstances, an authenticated user to obtain sensitive information due to a data leak from an error message within the pre-v7 pubsub logic. IBM X-Force ID: 177402.
- CVE-2025-14456Mar 3, 2026risk 0.00cvss —epss 0.00
IBM MQ Appliance 9.4 CD through 9.4.4.0 to 9.4.4.1
- CVE-2025-3631Jul 11, 2025risk 0.00cvss —epss 0.00
An IBM MQ 9.3 and 9.4 Client connecting to an MQ Queue Manager can cause a SIGSEGV in the AMQRMPPA channel process terminating it.
- CVE-2024-51471Dec 19, 2024risk 0.00cvss —epss 0.00
IBM MQ Appliance 9.3 LTS, 9.3 CD, and 9.4 LTS web console could allow an authenticated user to cause a denial-of-service when trace is enabled due to information being written into memory outside of the intended buffer size.
- CVE-2024-51470Dec 18, 2024risk 0.00cvss —epss 0.01
IBM MQ 9.1 LTS, 9.2 LTS, 9.3 LTS, 9.3 CD, 9.4 LTS, 9.4 CD, IBM MQ Appliance 9.3 LTS, 9.3 CD, 9.4 LTS, and IBM MQ for HPE NonStop 8.1.0 through 8.1.0.25 could allow an authenticated user to cause a denial-of-service due to messages with improperly set values.
- CVE-2024-25048Apr 27, 2024risk 0.00cvss —epss 0.01
IBM MQ Appliance 9.3 CD and LTS are vulnerable to a heap-based buffer overflow, caused by improper bounds checking. A remote authenticated attacker could overflow a buffer and execute arbitrary code on the system or cause the server to crash. IBM X-Force ID: 283137.
- CVE-2024-25016Mar 3, 2024risk 0.00cvss —epss 0.01
IBM MQ and IBM MQ Appliance 9.0, 9.1, 9.2, 9.3 LTS and 9.3 CD could allow a remote unauthenticated attacker to cause a denial of service due to incorrect buffering logic. IBM X-Force ID: 281279.
Page 3 of 3