- Description
- IBM MQ LTS 9.1.0.0 through 9.1.0.29, 9.2.0.0 through 9.2.0.36, 9.3.0.0 through 9.3.0.30 and 9.4.0.0 through 9.4.0.12 and IBM MQ CD 9.3.0.0 through 9.3.5.1 and 9.4.0.0 through 9.4.3.0 Java and JMS stores a password in client configuration files when trace is enabled which can be read by a local user.
- Source
- psirt@us.ibm.com
- NVD status
- Analyzed
- Products
- mq
CVSS 3.1
- Type
- Primary
- Base score
- 5.5
- Impact score
- 3.6
- Exploitability score
- 1.8
- Vector string
- CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
- Severity
- MEDIUM
- psirt@us.ibm.com
- CWE-260
- Hype score
- Not currently trending
CVE-2025-36100 IBM MQ LTS 9.1.0.0 through 9.1.0.29, 9.2.0.0 through 9.2.0.36, 9.3.0.0 through 9.3.0.30 and 9.4.0.0 through 9.4.0.12 and IBM MQ CD 9.3.0.0 through 9.3.5.1 and 9.4.0.0… https://t.co/sj732QonDN
@CVEnew
7 Sept 2025
748 Impressions
1 Retweet
2 Likes
0 Bookmarks
0 Replies
0 Quotes
CVE-2025-36100 IBM MQ Password Disclosure Vulnerability in Client Configuration Files with Trace Enabled https://t.co/IJOkqRX5c2
@VulmonFeeds
7 Sept 2025
182 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
[
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:ibm:mq:*:*:*:*:lts:*:*:*",
"matchCriteriaId": "EEC58507-1F42-4B74-9064-E1E4FD56845C",
"versionEndExcluding": "9.1.0.31",
"versionStartIncluding": "9.1.0.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:mq:*:*:*:*:lts:*:*:*",
"matchCriteriaId": "D1B44935-BB22-469B-AA4B-A522B2C403C6",
"versionEndExcluding": "9.2.0.37",
"versionStartIncluding": "9.2.0.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:mq:*:*:*:*:lts:*:*:*",
"matchCriteriaId": "09D94156-0DF7-48A3-91F1-64133B90C52C",
"versionEndExcluding": "9.3.0.31",
"versionStartIncluding": "9.3.0.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:mq:*:*:*:*:continuous_delivery:*:*:*",
"matchCriteriaId": "86E7AEF9-AABE-44D3-83AB-629F95270458",
"versionEndIncluding": "9.3.5.1",
"versionStartIncluding": "9.3.0.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:mq:*:*:*:*:lts:*:*:*",
"matchCriteriaId": "D4F53F00-938E-4940-AE98-3FC19EEA635D",
"versionEndExcluding": "9.4.0.15",
"versionStartIncluding": "9.4.0.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:mq:*:*:*:*:continuous_delivery:*:*:*",
"matchCriteriaId": "5657F757-6ECC-4CAC-AA09-A16F3A67D17E",
"versionEndExcluding": "9.4.3.1",
"versionStartIncluding": "9.4.0.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
]