Sensitive Credential Information Disclosure in IBM MQ 8.0, 9.0, and 9.1

Sensitive Credential Information Disclosure in IBM MQ 8.0, 9.0, and 9.1

CVE-2023-28514 · MEDIUM Severity

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N

IBM MQ 8.0, 9.0, and 9.1 could allow a local user to obtain sensitive credential information when a detailed technical error message is returned in a stack trace. IBM X-Force ID: 250398.

Learn more about our User Device Pen Test.