April 18, 2025
Proactive Defense: The Importance of Incident Response Planning in Cybersecurity
Rewterz Threat Alert – CryptBot Trojan – Active IOCs
November 30, 2021Rewterz Threat Advisory – Multiple Trend Micro Worry-Free Business Security
December 1, 2021Rewterz Threat Alert – CryptBot Trojan – Active IOCs
November 30, 2021Rewterz Threat Advisory – Multiple Trend Micro Worry-Free Business Security
December 1, 2021
Severity
Medium
Analysis Summary
CVE-2021-38967
IBM MQ Appliance 9.2 CD and 9.2 LTS could allow a local privileged user to inject and execute malicious code
CVE-2021-38999
IBM MQ Appliance could allow a local attacker to obtain sensitive information by inclusion of sensitive data within trace.
CVE-2021-39000
IBM MQ Appliance 9.2 CD and 9.2 LTS could allow a local attacker to obtain sensitive information by inclusion of sensitive data within diagnostics
CVE-2021-38958
IBM MQ Appliance 9.2 CD and 9.2 LTS is affected by a denial of service attack caused by a concurrency issue
Impact
- Code Execution
- Information Disclosure
- Denial of Service
Affected Vendors
IBM
Affected Products
- IBM MQ Appliance 9.2.0.0
- IBM MQ Appliance 9.2.1
- IBM MQ Appliance 9.2.0.1
- IBM MQ Appliance 9.2.2
- IBM MQ Appliance 9.2.0.2
- IBM MQ Appliance 9.2.0.3
- IBM MQ Appliance 9.2.3
Remediation
Refer to IBM Security Advisory for patch, upgrade or suggested workaround information.
CVE-2021-38967
CVE-2021-38999
CVE-2021-39000
CVE-2021-38958
