CVE-2024-35155

6.5 MEDIUM

📋 TL;DR

IBM MQ Console versions 9.3 LTS and 9.3 CD expose detailed technical error messages to remote attackers, potentially revealing sensitive system information. This information disclosure vulnerability could provide attackers with intelligence for further attacks against the system. Organizations running affected IBM MQ Console versions are at risk.

💻 Affected Systems

Products:
  • IBM MQ Console
Versions: 9.3 LTS and 9.3 CD
Operating Systems: All supported platforms
Default Config Vulnerable: ⚠️ Yes
Notes: Affects both Long Term Support (LTS) and Continuous Delivery (CD) versions of IBM MQ Console 9.3

📦 What is this software?

⚠️ Risk & Real-World Impact

🔴

Worst Case

Attackers obtain detailed system information, configuration details, or internal paths that enable targeted follow-up attacks, potentially leading to full system compromise.

🟠

Likely Case

Attackers gather reconnaissance data about the IBM MQ environment, including version information, internal paths, and configuration details that could inform subsequent attacks.

🟢

If Mitigated

Limited information disclosure with no sensitive credentials or critical configuration data exposed, reducing the attack surface for follow-up exploitation.

🌐 Internet-Facing: HIGH
🏢 Internal Only: MEDIUM

🎯 Exploit Status

Public PoC: ✅ No
Weaponized: UNKNOWN
Unauthenticated Exploit: ⚠️ Yes
Complexity: LOW

Exploitation requires triggering error conditions that return detailed technical messages to the browser.

🛠️ Fix & Mitigation

✅ Official Fix

Patch Version: Apply IBM MQ 9.3.0.15 or later

Vendor Advisory: https://www.ibm.com/support/pages/node/7158059

Restart Required: Yes

Instructions:

1. Download IBM MQ 9.3.0.15 or later from IBM Fix Central.
2. Apply the fix pack following IBM's installation procedures.
3. Restart the IBM MQ Console service.

🔧 Temporary Workarounds

Disable Detailed Error Messages

Platforms: all

Configure IBM MQ Console to return generic error messages instead of detailed technical information.

Configure error handling in the IBM MQ Console configuration files to suppress detailed error messages.

Network Segmentation

Platforms: all

Restrict access to IBM MQ Console to trusted internal networks only.

Configure firewall rules to limit access to the IBM MQ Console port (typically 9443).

🧯 If You Can't Patch

  • Implement web application firewall (WAF) rules to filter error messages containing technical details
  • Monitor and alert on unusual error message patterns in IBM MQ Console logs

🔍 How to Verify

Check if Vulnerable:

Check IBM MQ Console version via administrative interface or configuration files

Check Version:

dspmqver (on IBM MQ server) or check version in MQ Console web interface

Verify Fix Applied:

Verify installed version is 9.3.0.15 or later and test that error conditions return generic messages
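One way to automate the version check above, as an added example (not IBM's code): parse the `Version:` line that `dspmqver` prints and compare it with the 9.3.0.15 fix level named in this advisory. The `dspmqver` sample text is constructed, and the 9.3-release scoping and the "9.3.0.15 or later" rule are taken directly from the advisory.

```python
"""Version check for CVE-2024-35155 against the fixed release the advisory names.

Added example, not IBM's code. The dspmqver sample output below is constructed;
only the 'Version:' line is relied on.
"""
import re
from typing import Optional, Tuple

FIXED_VERSION = (9, 3, 0, 15)   # advisory: apply IBM MQ 9.3.0.15 or later
AFFECTED_RELEASE = (9, 3)       # advisory lists 9.3 LTS and 9.3 CD as affected

# Constructed sample of dspmqver output (not captured from a real system)
SAMPLE_DSPMQVER = """\
Name:        IBM MQ
Version:     9.3.0.10
"""


def parse_dspmqver(output: str) -> Optional[Tuple[int, ...]]:
    """Return the 'Version:' line of dspmqver output as a 4-tuple, or None if absent."""
    match = re.search(r"^\s*Version:\s*(\d+(?:\.\d+){0,3})\s*$", output, re.MULTILINE)
    if not match:
        return None
    parts = [int(p) for p in match.group(1).split(".")]
    parts += [0] * (4 - len(parts))          # 9.3.0 compares as 9.3.0.0
    return tuple(parts)


def assess(version: Tuple[int, ...]) -> str:
    """Classify a version as 'out-of-scope', 'vulnerable' or 'fixed'."""
    if version[:2] != AFFECTED_RELEASE:
        return "out-of-scope"            # not a 9.3 release; the advisory does not list it
    # 9.3 CD levels (9.3.1 and up) compare as numerically later than 9.3.0.15;
    # confirm the CD fix level against the vendor advisory rather than this tuple alone.
    return "fixed" if version >= FIXED_VERSION else "vulnerable"


def check_output(output: str) -> str:
    """Run the whole check on raw dspmqver text."""
    version = parse_dspmqver(output)
    if version is None:
        return "unknown"
    return assess(version)


if __name__ == "__main__":
    print(check_output(SAMPLE_DSPMQVER))   # vulnerable (9.3.0.10 < 9.3.0.15)
```

Feed it the real output of `dspmqver` from each MQ server; a result of `unknown` means the text had no `Version:` line and should be inspected by hand rather than treated as fixed.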

📡 Detection & Monitoring

Log Indicators:

  • Unusual error patterns in IBM MQ Console logs
  • Multiple error requests from single sources

Network Indicators:

  • Unusual traffic patterns to IBM MQ Console error endpoints
  • Repeated requests designed to trigger errors

SIEM Query:

source="ibm_mq_console" AND (message="*error*" OR message="*exception*") AND message="*detailed*"
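The log indicators above ("unusual error patterns", "multiple error requests from single sources") can be turned into a concrete detector. This is an added example, not IBM's code or a real IBM MQ Console log format: the line layout and every entry are constructed, so map the fields to whatever your console actually emits. It applies the same error/exception terms as the SIEM query and then looks for bursts of error responses from one source within a sliding time window.

```python
"""Detection over constructed IBM MQ Console-style log lines.

Added example, not IBM's code. The log line format and all entries are constructed
for illustration; adapt LINE_RE to the real console log layout.
"""
import re
from collections import defaultdict
from datetime import datetime, timedelta, timezone
from typing import Dict, List, NamedTuple

# Constructed sample: one source repeatedly triggering errors, one benign source.
SAMPLE_LOGS = [
    '2024-06-01T10:00:01Z src=10.0.0.5 status=500 message="Internal error: exception in request handler"',
    '2024-06-01T10:00:03Z src=10.0.0.5 status=500 message="Internal error: exception in request handler"',
    '2024-06-01T10:00:06Z src=10.0.0.5 status=404 message="Not found"',
    '2024-06-01T10:00:09Z src=10.0.0.5 status=500 message="Internal error: exception in request handler"',
    '2024-06-01T10:00:12Z src=10.0.0.5 status=500 message="Internal error: exception in request handler"',
    '2024-06-01T10:00:15Z src=10.0.0.5 status=500 message="Internal error: exception in request handler"',
    '2024-06-01T10:00:20Z src=10.0.0.9 status=200 message="OK"',
    '2024-06-01T10:00:25Z src=10.0.0.9 status=500 message="Internal error: exception in request handler"',
]

LINE_RE = re.compile(
    r'^(?P<ts>\S+) src=(?P<src>\S+) status=(?P<status>\d+) message="(?P<msg>[^"]*)"$'
)


class Event(NamedTuple):
    ts: datetime
    src: str
    status: int
    msg: str


def parse_line(line: str) -> Event:
    """Parse one constructed-format log line into an Event."""
    m = LINE_RE.match(line)
    if not m:
        raise ValueError(f"unparseable line: {line!r}")
    ts = datetime.strptime(m.group("ts"), "%Y-%m-%dT%H:%M:%SZ").replace(tzinfo=timezone.utc)
    return Event(ts, m.group("src"), int(m.group("status")), m.group("msg"))


def is_error_event(ev: Event) -> bool:
    """Same terms as the page's SIEM query: an error or exception message."""
    msg = ev.msg.lower()
    return "error" in msg or "exception" in msg


def error_bursts(lines: List[str], threshold: int = 5,
                 window: timedelta = timedelta(minutes=1)) -> Dict[str, int]:
    """Return {source: peak_count} for sources with >= threshold error events in one window.

    Implements the 'multiple error requests from single sources' indicator.
    """
    by_src: Dict[str, List[datetime]] = defaultdict(list)
    for line in lines:
        ev = parse_line(line)
        if is_error_event(ev):
            by_src[ev.src].append(ev.ts)

    bursts: Dict[str, int] = {}
    for src, times in by_src.items():
        times.sort()
        start = 0
        peak = 0
        for end, t in enumerate(times):       # sliding window over sorted timestamps
            while t - times[start] > window:
                start += 1
            peak = max(peak, end - start + 1)
        if peak >= threshold:
            bursts[src] = peak
    return bursts


if __name__ == "__main__":
    print(error_bursts(SAMPLE_LOGS))   # {'10.0.0.5': 5}
```

The threshold and window are tuning knobs: a single application error from a legitimate client is normal, whereas five error responses from one address inside a minute matches the page's "repeated requests designed to trigger errors" indicator and is worth an alert.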
