CNNVD-202506-1832 Information
CNNVD ID
CNNVD-202506-1832
Related CVE
- CNNVD Published: 2025-06-15
Description (Chinese)
IBM MQ Operator是美国国际商业机器(IBM)公司的一种用于管理 IBM MQ 队列管理器生命周期的工具。 IBM MQ Operator存在信任管理问题漏洞,该漏洞源于配置不当可能导致敏感信息泄露或未授权操作。以下版本受到影响:IBM MQ Operator LTS 2.0.0至2.0.29版本,CD 3.0.0版本、3.0.1版本、3.1.0至3.1.3版本、3.3.0版本、3.4.0版本、3.4.1版本、3.5.0版本、3.5.1至3.5.3版本和SC2 3.2.0至3.2.12版本。
Description (English)
IBM MQ Operator is a tool used by the United States International Business Machine (IBM) to manage the life cycle of the IBM MQ queue manager. There is a trust management gap in IBM MQ Operator, which stems from inappropriate configurations that may lead to the disclosure of sensitive information or unauthorized operations. The following versions were affected: IBM MQ Operator LTS 2.0.0 to 2.0.29, CD 3.0.0, 3.01, 3.1.03, 3.3.0, 3.4.1, 3.5.0, 3.5.1 to 3.5.3 and SC2.2.0 to 3.2.12.
Hazard Level
High
Vulnerability Type
信任管理问题
Affected Vendor
国际商业机器
Published
2025-06-15
Last Modified
2026-02-24
References
https://www.ibm.com/support/pages/node/7236608 https://nvd.nist.gov/vuln/detail/CVE-2025-36041 https://access.redhat.com/security/cve/cve-2025-36041
Patch
https://www.ibm.com/support/pages/node/7236608
Share on: