Severity
Medium
Analysis Summary
CVE-2025-3631 CVSS:6.5
An IBM MQ 9.3 and 9.4 Client connecting to an MQ Queue Manager can cause a SIGSEGV in the AMQRMPPA channel process terminating it.
CVE-2025-36104 CVSS:6.5
IBM Storage Scale 5.2.3.0 and 5.2.3.1 could allow an authenticated user to obtain sensitive information from files due to the insecure permissions inherited through the SMB protocol.
Impact
- Denial of Service
- Information Disclosure
Indicators of Compromise
CVE
CVE-2025-3631
CVE-2025-36104
Affected Vendors
- IBM
Affected Products
- IBM MQ 9.3.2.0 CD
- IBM MQ 9.3.5.1 CD
- IBM MQ 9.4.0.0 CD
- IBM MQ 9.4.2.1 CD
- IBM Storage Scale 5.2.3.0
- IBM Storage Scale 5.2.3.1
- IBM MQ 9.4.0.0 LTS
- IBM MQ 9.4.0.11 LTS
- IBM MQ Appliance 9.3.2.0 CD
- IBM MQ Appliance 9.3.5.2 CD
- IBM MQ Appliance 9.4.0.0 LTS
- IBM MQ Appliance 9.4.0.11 LTS
- IBM MQ Appliance 9.4.1.0 CD
- IBM MQ Appliance 9.4.2.1 CD
Remediation
Refer to IBM Website for patch, upgrade, or suggested workaround information.