March 12, 2025
Proactive Defense: The Importance of Incident Response Planning in Cybersecurity
Rewterz Threat Alert – LockBit Ransomware Claimed Attack on Security Giant Entrust
August 19, 2022Rewterz Threat Advisory – Multiple GitLab Vulnerabilities
August 21, 2022Rewterz Threat Alert – LockBit Ransomware Claimed Attack on Security Giant Entrust
August 19, 2022Rewterz Threat Advisory – Multiple GitLab Vulnerabilities
August 21, 2022
Severity
High
Analysis Summary
CVE-2022-22489
IBM MQ 8.0, (9.0, 9.1, 9.2 LTS), and (9.1 and 9.2 CD) are vulnerable to an XML External Entity Injection (XXE) attack when processing XML data. A remote attacker could exploit this vulnerability to expose sensitive information or consume memory resources.
Impact
- Unauthorized Access
Indicators Of Compromise
CVE
- CVE-2022-22489
Affected Vendors
IBM
Affected Products
- IBM MQ 8.0
- IBM MQ 9.0.LTS
- IBM MQ 9.1.LTS
- IBM MQ 9.1.CD
Remediation
Refer to IBM Security Advisory for patch, upgrade or suggested workaround information.