CVE-2023-46177

CVSS 3.1 Score 7.5 of 10 (high)

Details

Published Dec 18, 2023

Updated: Dec 22, 2023

CWE ID 22

Summary

CVE-2023-46177 is a vulnerability affecting IBM MQ Appliance 9.3 LTS and 9.3 CD. It allows remote attackers to traverse directories on the system by sending a specially crafted URL request. This issue could potentially grant attackers access to arbitrary files on the system, as identified by IBM X-Force with ID 269536. This vulnerability poses a serious risk to the security and confidentiality of data stored on the affected systems. IBM urges users to apply the available patch to mitigate this issue.

Prevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.

IBM MQ Appliance

Affected Vendors

IBM Corporation

Advisories, Assessments, and Mitigations

https://app.recordedfuture.com/live/sc/entity/tDE9Of
https://www.cve.org/CVERecord?id=CVE-2023-46177
https://nvd.nist.gov/vuln/detail/CVE-2023-46177

Back to Vulnerability Database