IBM Patches Severe Vulnerabilities in MQ Messaging Middleware

Source
Advertisement


Messaging and queuing middleware, IBM MQ provides enterprise-grade messaging between applications, enabling the transfer of data between programs and the sending of messages to multiple subscribers.

Two security issues were resolved in IBM MQ this week, both residing within the libcurl library. Both flaws can be exploited remotely, IBM notes in an advisory.

Tracked as CVE-2022-27780, the first of these bugs could allow an attacker to bypass security restrictions using a specially crafted host name in a URL.

Advertisement