IBM MQ 9.0 LTS, 9.1 LTS, 9.2 LTS, 9.3 LTS, 9.2 CD, and 9.3 CD and IBM MQ Appliance 9.2 LTS, 9.3 LTS, 9.2 CD, and 9.2 LTS, under certain configurations, is vulnerable to a denial of service attack caused by an error processing messages. IBM X-Force ID: 250397..This CVE has a CVSS3.1 score of 5.9 and a Base Severity of MEDIUM.
| Info | Details |
|---|---|
| CVE ID | CVE-2023-28513 |
| CVE State | PUBLISHED |
| BaseScore | 5.9 |
| BaseSeverity | MEDIUM |
| VectorString | CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H |
| Version | NA |
References for CVE-2023-28513 :
https://www.ibm.com/support/pages/node/7007421
https://www.ibm.com/support/pages/node/7007731
https://exchange.xforce.ibmcloud.com/vulnerabilities/250397
| Metric Type | Metric Score |
|---|---|
| AttackVector(AV) | NETWORK |
| AttackComplexity(AC) | HIGH |
| PrivilegesRequired(PR) | NONE |
| UserInteraction(UI) | NONE |
| Scope(S) | UNCHANGED |
| Confidentiality(C) | NONE |
| Availability(A) | HIGH |
| Integrity(I) | NONE |