CVE-2025-36041 Information

Jun 16, 2025 cve

Description

IBM MQ Operator LTS 2.0.0 through 2.0.29 MQ Operator CD 3.0.0 3.0.1 3.1.0 through 3.1.3 3.3.0 3.4.0 3.4.1 3.5.0 3.5.1 through 3.5.3 and MQ Operator SC2 3.2.0 through 3.2.12 Native HA CRR could be configured with a private key and chain other than the intended key which could disclose sensitive information or allow the attacker to perform unauthorized actions.

CVSS Vector

CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:L/I:H/A:N

Reference

https://www.ibm.com/support/pages/node/7236608

Attack Complexity

HIGH

Privileges Required

HIGH

User Interaction Required

HIGH

Scope

NONE

Confidentiality Impact

UNCHANGED

Integrity Impact

LOW

Availability Impact

HIGH

Base Score

NONE

Base Severity

4.7

CNNVD-202506-1832 (Published: 2025-06-15)

Share on:

CVE-2025-36041 Information

Description

CVSS Vector

Reference

Attack Complexity

Privileges Required

User Interaction Required

Scope

Confidentiality Impact

Integrity Impact

Availability Impact

Base Score

Base Severity

Related CNNVD