CVE-2023-47745

CVSS 3.1 Score 6.2 of 10 (medium)

Details

Published Mar 3, 2024

Updated: Mar 4, 2024

CWE ID 319

Summary

CVE-2023-47745 is a vulnerability affecting various versions of IBM MQ Operator, including 2.0.0 LTS, 2.0.18 LTS, 3.0.0 CD, 3.0.1 CD, 2.4.0 through 2.4.7, 2.3.0 through 2.3.3, and 2.2.0 through 2.2.2. This issue allows local users to access plain clear text user credentials during message transmission or storage, as identified in IBM X-Force with ID 272638. This vulnerability poses a significant risk, as clear text credentials can be easily intercepted and exploited. It is essential for IBM MQ Operator users to update their systems to the latest, non-vulnerable version as soon as possible to mitigate this risk.

Prevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.

Share

Advisories, Assessments, and Mitigations

Back to Vulnerability Database