CNNVD-202510-2337 Information
CNNVD ID
CNNVD-202510-2337
Related CVE
- CNNVD Published: 2025-10-16
Description (Chinese)
IBM MQ是美国国际商业机器(IBM)公司的一款消息传递中间件产品。该产品主要为面向服务的体系结构(SOA)提供可靠的、经过验证的消息传递主干网。 IBM MQ 9.1版本、9.2版本、9.3版本、9.4 LTS版本、9.3版本和9.4 CD版本存在安全漏洞,该漏洞源于对单个读取操作超时的执行不当,可能导致拒绝服务攻击。
Description (English)
IBM MQ is an intermediate message from the United States International Business Machine (IBM). The product provides a reliable and validated backbone for service-oriented system structures (SOAs). IBM MQ version 9.1, version 9.2, version 9.3, version 9.4 LTS, version 9.3 and version 9.4 CD version contain security loopholes that stem from inappropriate implementation of individual reading operations over time and may lead to denial of service attacks.
Hazard Level
Medium
Vulnerability Type
其他
Affected Vendor
国际商业机器
Published
2025-10-16
Last Modified
2026-02-24
References
https://www.ibm.com/support/pages/node/7244480 https://vigilance.fr/vulnerability/IBM-MQ-denial-of-service-via-Slowloris-48513
Patch
https://www.ibm.com/support/pages/node/7244480
Share on: