===========================================================================
             AUSCERT External Security Bulletin Redistribution

                               ESB-2022.5865
            Security Bulletin: IBM MQ Internet Pass-Thru traces
                      sensitive data (CVE-2022-35719)
                             14 November 2022

===========================================================================

        AusCERT Security Bulletin Summary
        ---------------------------------

Product:           IBM MQ
Publisher:         IBM
Operating System:  AIX
                   Linux variants
                   Windows
                   Solaris
Resolution:        Patch/Upgrade
CVE Names:         CVE-2022-35719

Original Bulletin: 
   https://www.ibm.com/support/pages/node/6838559

Comment: CVSS (Max):  5.1 CVE-2022-35719 (CVSS:3.0/AV:L/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N)
         CVSS Source: IBM
         Calculator:  https://www.first.org/cvss/calculator/3.0#CVSS:3.0/AV:L/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N

--------------------------BEGIN INCLUDED TEXT--------------------

IBM MQ Internet Pass-Thru traces sensitive data (CVE-2022-35719)

Document Information

Document number    : 6838559
Modified date      : 11 November 2022
Product            : IBM MQ
Software version   : 2.1.0, 9.2
Operating system(s): AIX
                     Linux
                     Linux on IBM Z Systems
                     Windows
                     Solaris
Edition            : All

Summary

An issue was found within IBM MQ Internet Pass-Thru which causes sensitive data
to be written to trace files when trace is enabled.

Vulnerability Details

CVEID: CVE-2022-35719
DESCRIPTION: IBM MQ stores potentially sensitive information in trace files
that could be read by a local user.
CVSS Base score: 5.1
CVSS Temporal Score: See https://exchange.xforce.ibmcloud.com/vulnerabilities/231370
for the current score.
CVSS Vector: (CVSS:3.0/AV:L/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N)

Affected Products and Versions

+-------------------------+----------+
|Affected Product(s)      |Version(s)|
+-------------------------+----------+
|IBM MQ Internet Pass-Thru|2.1       |
+-------------------------+----------+
|IBM MQ Internet Pass-Thru|9.2 LTS   |
+-------------------------+----------+
|IBM MQ Internet Pass-Thru|9.2 CD    |
+-------------------------+----------+

Remediation/Fixes

IBM MQ Internet Pass-Thru 2.1

  o Apply FixPack 2.1.0.6

Note: MQ IPT 2.1.0.6 is provided on Solaris platforms only, for users with
appropriate extended support entitlement. Contact IBM support to obtain the
installation files for MQIPT 2.1.0.6 on Solaris. Users of MQ IPT 2.1 on all
other platforms should migrate to one of the MQ IPT 9.2 levels listed below (or
later).

IBM MQ Internet Pass-Thru 9.2 LTS

  o Apply the 9.2.0.6 interim fix for APAR IT41700

IBM MQ Internet Pass-Thru 9.2 CD

  o Upgrade to IBM MQ Internet Pass-Thru 9.3.0.1 LTS or IBM MQ Internet
    Pass-Thru 9.3.1 CD

Workarounds and Mitigations

None

Change History

10 Nov 2022: Initial Publication

--------------------------END INCLUDED TEXT--------------------

You have received this e-mail bulletin as a result of your organisation's
registration with AusCERT. The mailing list you are subscribed to is
maintained within your organisation, so if you do not wish to continue
receiving these bulletins you should contact your local IT manager. If
you do not know who that is, please send an email to auscert@auscert.org.au
and we will forward your request to the appropriate person.

NOTE: Third Party Rights
This security bulletin is provided as a service to AusCERT's members.  As
AusCERT did not write the document quoted above, AusCERT has had no control
over its content. The decision to follow or act on information or advice
contained in this security bulletin is the responsibility of each user or
organisation, and should be considered in accordance with your organisation's
site policies and procedures. AusCERT takes no responsibility for consequences
which may arise from following or acting on information or advice contained in
this security bulletin.

NOTE: This is only the original release of the security bulletin.  It may
not be updated when updates to the original are made.  If downloading at
a later date, it is recommended that the bulletin is retrieved directly
from the author's website to ensure that the information is still current.

Contact information for the authors of the original document is included
in the Security Bulletin above.  If you have any questions or need further
information, please contact them directly.

Previous advisories and external security bulletins can be retrieved from:

        https://www.auscert.org.au/bulletins/

===========================================================================
Australian Computer Emergency Response Team
The University of Queensland
Brisbane
Qld 4072

Internet Email: auscert@auscert.org.au
Facsimile:      (07) 3365 7031
Telephone:      (07) 3365 4417 (International: +61 7 3365 4417)
                AusCERT personnel answer during Queensland business hours
                which are GMT+10:00 (AEST).
                On call after hours for member emergencies only.
===========================================================================