CVE-2022-31772 MEDIUM

CVE-2022-31772: IBM MQ denial of service

Vendor Ibm
Product MQ
Weakness CWE-20 · Input validation
Published November 11, 2022
Last update May 1, 2025

CVSS base score

5.3/10
Attack vector Network
Attack complexity High
Privileges required Low
User interaction None
Confidentiality None
Integrity None

CVSS vector

CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H

What the vulnerability does

01Description

IBM MQ 8.0, 9.0 LTS, 9.1 CD, 9.1 LTS, 9.2 CD, and 9.2 LTS could allow an authenticated and authorized user to cause a denial of service to the MQTT channels. IBM X-Force ID: 228335.

Key dates

02Disclosure timeline

November 11, 2022 CVE published
May 1, 2025 Record updated