CVE-2024-40681
Published: Sep 7, 2024Modified: Aug 15, 2025
8.8
Vector
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
Exploitability: 2.8 / Impact: 5.9
Source: NVD
Description
IBM MQ 9.1 LTS, 9.2 LTS, 9.3 LTS, 9.3 CD, 9.4 LTS, and 9.4 CD could allow an authenticated user in a specifically defined role, to bypass security restrictions and execute actions against the queue manager.
Affected (100)
Products: Ibm: Mq Operator, Supplied Mq Advanced Container Images
Configuration A100 vulnerable
| Vulnerable Software | Affected Versions |
|---|---|
| From 2.2.0 to 2.2.2 | |
| From 2.3.0 to 2.3.3 | |
| From 2.4.0 to 2.4.8 | |
| From 3.1.0 to 3.1.3 | |
| From 2.0.0 to 2.0.25 | |
| From 3.2.0 to 3.2.3 | |
| Version 3.0.0 | |
| Version 3.0.1 | |
| Version 9.2.0.1 r1-eus | |
| Version 9.2.0.1 r1-eus | |
| Version 9.2.0.2 r1-eus | |
| Version 9.2.0.2 r1-eus | |
| Version 9.2.0.2 r2-eus | |
| Version 9.2.0.2 r2-eus | |
| Version 9.2.0.4 r1-eus | |
| Version 9.2.0.4 r1-eus | |
| Version 9.2.0.5 r1-eus | |
| Version 9.2.0.5 r1-eus | |
| Version 9.2.0.5 r2-eus | |
| Version 9.2.0.5 r2-eus | |
| Version 9.2.0.5 r3-eus | |
| Version 9.2.0.5 r3-eus | |
| Version 9.2.0.6 r1-eus | |
| Version 9.2.0.6 r1-eus | |
| Version 9.2.0.6 r2-eus | |
| Version 9.2.0.6 r2-eus | |
| Version 9.2.0.6 r3-eus | |
| Version 9.2.0.6 r3-eus | |
| Version 9.2.3.0 r1 | |
| Version 9.2.4.0 r1 | |
| Version 9.2.4.0 r1 | |
| Version 9.2.5.0 r1 | |
| Version 9.2.5.0 r1 | |
| Version 9.2.5.0 r2 | |
| Version 9.2.5.0 r2 | |
| Version 9.2.5.0 r3 | |
| Version 9.2.5.0 r3 | |
| Version 9.3.0.0 r1 | |
| Version 9.3.0.0 r1 | |
| Version 9.3.0.0 r2 | |
| Version 9.3.0.0 r2 | |
| Version 9.3.0.0 r3 | |
| Version 9.3.0.0 r3 | |
| Version 9.3.0.10 r1 | |
| Version 9.3.0.10 r2 | |
| Version 9.3.0.10 r3 | |
| Version 9.3.0.11 r1 | |
| Version 9.3.0.11 r2 | |
| Version 9.3.0.15 r1 | |
| Version 9.3.0.16 r1 | |
| Version 9.3.0.16 r2 | |
| Version 9.3.0.17 r1 | |
| Version 9.3.0.17 r2 | |
| Version 9.3.0.17 r3 | |
| Version 9.3.0.1 r1 | |
| Version 9.3.0.1 r1 | |
| Version 9.3.0.1 r2 | |
| Version 9.3.0.1 r2 | |
| Version 9.3.0.1 r3 | |
| Version 9.3.0.1 r3 | |
| Version 9.3.0.1 r4 | |
| Version 9.3.0.1 r4 | |
| Version 9.3.0.20 r1 | |
| Version 9.3.0.20 r2 | |
| Version 9.3.0.3 r1 | |
| Version 9.3.0.3 r1 | |
| Version 9.3.0.4 r1 | |
| Version 9.3.0.4 r1 | |
| Version 9.3.0.4 r2 | |
| Version 9.3.0.4 r2 | |
| Version 9.3.0.5 r1 | |
| Version 9.3.0.5 r1 | |
| Version 9.3.0.5 r2 | |
| Version 9.3.0.5 r3 | |
| Version 9.3.0.6 r1 | |
| Version 9.3.0.6 r1 | |
| Version 9.3.1.0 r1 | |
| Version 9.3.1.1 r1 | |
| Version 9.3.2.0 r1 | |
| Version 9.3.2.0 r2 | |
| Version 9.3.2.1 r1 | |
| Version 9.3.2.1 r2 | |
| Version 9.3.3.0 r1 | |
| Version 9.3.3.0 r2 | |
| Version 9.3.3.1 r1 | |
| Version 9.3.3.1 r2 | |
| Version 9.3.3.2 r1 | |
| Version 9.3.3.2 r2 | |
| Version 9.3.3.2 r3 | |
| Version 9.3.3.3 r1 | |
| Version 9.3.3.3 r2 | |
| Version 9.3.4.0 r1 | |
| Version 9.3.4.1 r1 | |
| Version 9.3.5.0 r1 | |
| Version 9.3.5.0 r2 | |
| Version 9.3.5.1 r1 | |
| Version 9.3.5.1 r2 | |
| Version 9.4.0.0 r1 | |
| Version 9.4.0.0 r2 | |
| Version 9.4.0.0 r3 |
References (1)
Timeline
No history available yet.