Vulnerability Description
IBM MQ Operator 2.0.0 LTS, 2.0.18 LTS, 3.0.0 CD, 3.0.1 CD, 2.4.0 through 2.4.7, 2.3.0 through 2.3.3, 2.2.0 through 2.2.2, and 2.3.0 through 2.3.3 stores or transmits user credentials in plain clear text which can be read by a local user using a trace command. IBM X-Force ID: 272638.
CVSS Score
MEDIUM
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Ibm | Mq Operator | >= 2.2.0, <= 2.2.2 |
Related Weaknesses (CWE)
References
- https://exchange.xforce.ibmcloud.com/vulnerabilities/272638Vendor Advisory
- https://www.ibm.com/support/pages/node/7126571Vendor Advisory
- https://exchange.xforce.ibmcloud.com/vulnerabilities/272638Vendor Advisory
- https://www.ibm.com/support/pages/node/7126571Vendor Advisory
FAQ
What is CVE-2023-47745?
CVE-2023-47745 is a vulnerability with a CVSS score of 6.2 (MEDIUM). IBM MQ Operator 2.0.0 LTS, 2.0.18 LTS, 3.0.0 CD, 3.0.1 CD, 2.4.0 through 2.4.7, 2.3.0 through 2.3.3, 2.2.0 through 2.2.2, and 2.3.0 through 2.3.3 stores or transmits user credentials in plain clear te...
How severe is CVE-2023-47745?
CVE-2023-47745 has been rated MEDIUM with a CVSS base score of 6.2/10. Review the CVSS metrics above for detailed severity breakdown.
Is there a patch for CVE-2023-47745?
Check the references section above for vendor advisories and patch information. Affected products include: Ibm Mq Operator.