-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256

===========================================================================
             AUSCERT External Security Bulletin Redistribution

                               ESB-2022.5865
  Security Bulletin: IBM MQ Internet Pass-Thru traces sensitive data
                             (CVE-2022-35719)
                              14 November 2022

===========================================================================

        AusCERT Security Bulletin Summary
        ---------------------------------

Product:           IBM MQ
Publisher:         IBM
Operating System:  AIX
                   Linux variants
                   Windows
                   Solaris
Resolution:        Patch/Upgrade
CVE Names:         CVE-2022-35719
Original Bulletin:
   https://www.ibm.com/support/pages/node/6838559

Comment: CVSS (Max):  5.1 CVE-2022-35719 (CVSS:3.0/AV:L/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N)
         CVSS Source: IBM
         Calculator:  https://www.first.org/cvss/calculator/3.0#CVSS:3.0/AV:L/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N

- --------------------------BEGIN INCLUDED TEXT--------------------

IBM MQ Internet Pass-Thru traces sensitive data (CVE-2022-35719)

Document Information

Document number    : 6838559
Modified date      : 11 November 2022
Product            : IBM MQ
Software version   : 2.1.0, 9.2
Operating system(s): AIX
                     Linux
                     Linux on IBM Z Systems
                     Windows
                     Solaris
Edition            : All

Summary

An issue was found within IBM MQ Internet Pass-Thru which causes sensitive
data to be written to trace files when trace is enabled.

Vulnerability Details

CVEID: CVE-2022-35719
DESCRIPTION: IBM MQ stores potentially sensitive information in trace files
that could be read by a local user.
CVSS Base score: 5.1
CVSS Temporal Score: See:
https://exchange.xforce.ibmcloud.com/vulnerabilities/231370 for the current
score.
CVSS Vector: (CVSS:3.0/AV:L/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N)

Affected Products and Versions

+-------------------------+----------+
|Affected Product(s)      |Version(s)|
+-------------------------+----------+
|IBM MQ Internet Pass-Thru|2.1       |
+-------------------------+----------+
|IBM MQ Internet Pass-Thru|9.2 LTS   |
+-------------------------+----------+
|IBM MQ Internet Pass-Thru|9.2 CD    |
+-------------------------+----------+

Remediation/Fixes

IBM MQ Internet Pass-Thru 2.1

  o Apply FixPack 2.1.0.6

Note: MQ IPT 2.1.0.6 is provided on Solaris platforms only, for users with
appropriate extended support entitlement. Contact IBM support to obtain the
installation files for MQIPT 2.1.0.6 on Solaris. Users of MQ IPT 2.1 on all
other platforms should migrate to one of the MQ IPT 9.2 levels listed below
(or later).

IBM MQ Internet Pass-Thru 9.2 LTS

  o Apply the 9.2.0.6 interim fix for APAR IT41700

IBM MQ Internet Pass-Thru 9.2 CD

  o Upgrade to IBM MQ Internet Pass-Thru 9.3.0.1 LTS or
    IBM MQ Internet Pass-Thru 9.3.1 CD

Workarounds and Mitigations

None

Change History

10 Nov 2022: Initial Publication

- --------------------------END INCLUDED TEXT--------------------

You have received this e-mail bulletin as a result of your organisation's
registration with AusCERT. The mailing list you are subscribed to is
maintained within your organisation, so if you do not wish to continue
receiving these bulletins you should contact your local IT manager. If
you do not know who that is, please send an email to auscert@auscert.org.au
and we will forward your request to the appropriate person.

NOTE: Third Party Rights

This security bulletin is provided as a service to AusCERT's members. As
AusCERT did not write the document quoted above, AusCERT has had no control
over its content. The decision to follow or act on information or advice
contained in this security bulletin is the responsibility of each user or
organisation, and should be considered in accordance with your organisation's
site policies and procedures. AusCERT takes no responsibility for consequences
which may arise from following or acting on information or advice contained in
this security bulletin.

NOTE: This is only the original release of the security bulletin. It may
not be updated when updates to the original are made. If downloading at
a later date, it is recommended that the bulletin is retrieved directly
from the author's website to ensure that the information is still current.

Contact information for the authors of the original document is included
in the Security Bulletin above. If you have any questions or need further
information, please contact them directly.

Previous advisories and external security bulletins can be retrieved from:

        https://www.auscert.org.au/bulletins/

===========================================================================
Australian Computer Emergency Response Team
The University of Queensland
Brisbane
Qld 4072

Internet Email: auscert@auscert.org.au
Facsimile:      (07) 3365 7031
Telephone:      (07) 3365 4417 (International: +61 7 3365 4417)
                AusCERT personnel answer during Queensland business hours
                which are GMT+10:00 (AEST).
                On call after hours for member emergencies only.
===========================================================================
-----BEGIN PGP SIGNATURE-----
Comment: https://auscert.org.au/gpg-key/

iQIVAwUBY3HgZMkNZI30y1K9AQjdXg//UfsGdlYJxeUiWbZgc7ewngmseQRNxr6k
yKm+1TOFhvN3NYtWMPkY+ronxkTtFDtPv47WrDD7UOZh3d4IecpP6ted0RfHHuET
fzZFM3GwG/JXsTYg3ZPgbYV/wjdmsHck8cp6X5mPBp3un61wSijCTSuj4UQ7rM2h
qJ7lBvZKXJAJ4LRhBXkx/aLAtMR4orQh/XFL6ysTsqymsujl72kYQdIYVfvCfPow
sxwtN72knjhwOAH0P+lhTvIRKfREaor/MQrvYbe3998WaG9EQ9STjqlgKIR6J7y4
rXWZ/mclzqnCoIOKVBP9oYtl+pgsRVbhRBSfDdkat3kMqiHcyhUTi9uJgmCr5d79
+w7tdAsW6TxLTOB/w8lYiA0Sr9tfkiZm8mJp5HTBkVZV8jWs6V+2uYkp3rVGWum+
eF3WmedkkBCu8EEFWqG9uQUw7XqMjH21w+/10e8mrmorcpNFpOtfGuilm2s76TsI
G+Fadjqjzh4VBkWfCFuJQdCGAppmPaHbvE0QBMhsf04+CgmhQ8A+nrqkV1AgC4BV
FszFQ6Hd0ekqT7lSF+N5Jg9fBseoVdEtUM2h3dLdrdEjjhBcE4IqPxC0jkGYy+81
P31VkdpZbI0ZcUHh857pZ1MIPNZqPLNZKJdBs51/B7aNItNz7b1CcEDHs2Rca+ol
fbaLkJHeOOY=
=xE9O
-----END PGP SIGNATURE-----