CVE-2025-36005
EUVD-2025-2252224.07.2025, 15:15
IBM MQ Operator LTS 2.0.0 through 2.0.29, MQ Operator CD 3.0.0, 3.0.1, 3.1.0 through 3.1.3, 3.3.0, 3.4.0, 3.4.1, 3.5.0, 3.5.1, 3.6.0, and MQ Operator SC2 3.2.0 through 3.2.13 Internet Pass-Thru could allow a malicious user to obtain sensitive information from another TLS session connection by the proxy to the same hostname and port due to improper certificate validation.Enginsight
Affected Products (NVD)
| Vendor | Product | Version |
|---|---|---|
| ibm | mq_operator | 2.0.0 ≤ 𝑥 ≤ 2.0.29 |
| ibm | mq_operator | 3.2.0 ≤ 𝑥 ≤ 3.2.13 |
| ibm | mq_operator | 3.5.1 ≤ 𝑥 ≤ 3.6.0 |
| ibm | mq_operator | 3.3.0 |
| ibm | mq_operator | 3.4.0 |
| ibm | mq_operator | 3.4.1 |
| ibm | mq_operator | 3.5.0 |
| ibm | supplied_mq_advanced_container_images | 9.3.0.0:r1 |
| ibm | supplied_mq_advanced_container_images | 9.3.0.0:r2 |
| ibm | supplied_mq_advanced_container_images | 9.3.0.0:r3 |
| ibm | supplied_mq_advanced_container_images | 9.3.0.1:r1 |
| ibm | supplied_mq_advanced_container_images | 9.3.0.1:r2 |
| ibm | supplied_mq_advanced_container_images | 9.3.0.1:r3 |
| ibm | supplied_mq_advanced_container_images | 9.3.0.1:r4 |
| ibm | supplied_mq_advanced_container_images | 9.3.0.3:r1 |
| ibm | supplied_mq_advanced_container_images | 9.3.0.4:r1 |
| ibm | supplied_mq_advanced_container_images | 9.3.0.4:r2 |
| ibm | supplied_mq_advanced_container_images | 9.3.0.5:r1 |
| ibm | supplied_mq_advanced_container_images | 9.3.0.5:r2 |
| ibm | supplied_mq_advanced_container_images | 9.3.0.5:r3 |
| ibm | supplied_mq_advanced_container_images | 9.3.0.6:r1 |
| ibm | supplied_mq_advanced_container_images | 9.3.0.10:r1 |
| ibm | supplied_mq_advanced_container_images | 9.3.0.10:r2 |
| ibm | supplied_mq_advanced_container_images | 9.3.0.11:r1 |
| ibm | supplied_mq_advanced_container_images | 9.3.0.11:r2 |
| ibm | supplied_mq_advanced_container_images | 9.3.0.15:r1 |
| ibm | supplied_mq_advanced_container_images | 9.3.0.16:r1 |
| ibm | supplied_mq_advanced_container_images | 9.3.0.16:r2 |
| ibm | supplied_mq_advanced_container_images | 9.3.0.17:r1 |
| ibm | supplied_mq_advanced_container_images | 9.3.0.17:r2 |
| ibm | supplied_mq_advanced_container_images | 9.3.0.17:r3 |
| ibm | supplied_mq_advanced_container_images | 9.3.0.20:r1 |
| ibm | supplied_mq_advanced_container_images | 9.3.0.20:r2 |
| ibm | supplied_mq_advanced_container_images | 9.3.0.21:r1 |
| ibm | supplied_mq_advanced_container_images | 9.3.0.21:r2 |
| ibm | supplied_mq_advanced_container_images | 9.3.0.21:r3 |
| ibm | supplied_mq_advanced_container_images | 9.3.0.25:r1 |
| ibm | supplied_mq_advanced_container_images | 9.4.0.0:r1 |
| ibm | supplied_mq_advanced_container_images | 9.4.0.0:r2 |
| ibm | supplied_mq_advanced_container_images | 9.4.0.0:r3 |
| ibm | supplied_mq_advanced_container_images | 9.4.0.5:r1 |
| ibm | supplied_mq_advanced_container_images | 9.4.0.5:r2 |
| ibm | supplied_mq_advanced_container_images | 9.4.0.6:r1 |
| ibm | supplied_mq_advanced_container_images | 9.4.0.6:r2 |
| ibm | supplied_mq_advanced_container_images | 9.4.0.7:r1 |
| ibm | supplied_mq_advanced_container_images | 9.4.0.10:r1 |
| ibm | supplied_mq_advanced_container_images | 9.4.0.10:r2 |
| ibm | supplied_mq_advanced_container_images | 9.4.0.11:r1 |
| ibm | supplied_mq_advanced_container_images | 9.4.0.11:r2 |
| ibm | supplied_mq_advanced_container_images | 9.4.0.11:r3 |
| ibm | supplied_mq_advanced_container_images | 9.4.1.0:r1 |
| ibm | supplied_mq_advanced_container_images | 9.4.1.0:r2 |
| ibm | supplied_mq_advanced_container_images | 9.4.1.1:r1 |
| ibm | supplied_mq_advanced_container_images | 9.4.2.0:r1 |
| ibm | supplied_mq_advanced_container_images | 9.4.2.0:r2 |
| ibm | supplied_mq_advanced_container_images | 9.4.2.1:r1 |
| ibm | supplied_mq_advanced_container_images | 9.4.2.1:r2 |
| ibm | supplied_mq_advanced_container_images | 9.4.3.0:r1 |
𝑥
= Vulnerable software versions
Common Weakness Enumeration