Session Impersonation Vulnerability in IBM MQ Appliance 9.2 and 9.3

Session Impersonation Vulnerability in IBM MQ Appliance 9.2 and 9.3

CVE-2022-40230 · MEDIUM Severity

CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N

"IBM MQ Appliance 9.2 CD, 9.2 LTS, 9.3 CD, and LTS 9.3 does not invalidate session after logout which could allow an authenticated user to impersonate another user on the system. IBM X-Force ID: 235532."

Learn more about our Cis Benchmark Audit For Ibm I.