IBM MQ Operator information disclosure_CVE-2025-33013

6.2 / 10

MEDIUM

CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N

Description

IBM MQ Operator LTS 2.0.0 through 2.0.29, MQ Operator CD 3.0.0, 3.0.1, 3.1.0 through 3.1.3, 3.3.0, 3.4.0, 3.4.1, 3.5.0, 3.5.1, 3.6.0, and MQ Operator SC2 3.2.0 through 3.2.13 Container could disclose sensitive information to a local user due to improper clearing of heap memory before release.

Basic Information

ID CVE-2025-33013

Source ibm

Published Jul 24, 2025 at 14:55

Modified Jul 24, 2025 at 15:03

Affected Product

Vendor IBM

Product MQ Operator

Version 2.0.0 LTS

Affected Versions IBM MQ Operator 2.0.0 LTS
IBM MQ Operator 3.0.0, 3.0.1, 3.1.0, 3.1.3, 3.4.0, 3.5.0, 3.5.1, 3.6.0 CD
IBM MQ Operator 3.2.0 SC2

CWE Classification

CWE-244

References

www.ibm.com /support/pages/node/7240431

{
    "lastseen": "",
    "description": "IBM MQ Operator LTS 2.0.0 through 2.0.29, MQ Operator CD 3.0.0, 3.0.1, 3.1.0 through 3.1.3, 3.3.0, 3.4.0, 3.4.1, 3.5.0, 3.5.1, 3.6.0, and MQ Operator SC2 3.2.0 through 3.2.13 Container could disclose sensitive information to a local user due to improper clearing of heap memory before release.",
    "published": "2025-07-24T14:55:04.945Z",
    "modified": "2025-07-24T15:03:48.993Z",
    "type": "cve",
    "title": "IBM MQ Operator information disclosure",
    "source": "ibm",
    "references": "https://www.ibm.com/support/pages/node/7240431",
    "id": "CVE-2025-33013",
    "bulletinFamily": "",
    "cwe": [
        "CWE-244"
    ],
    "cvelist": null,
    "sourceData": "IBM MQ Operator 2.0.0 LTS\nIBM MQ Operator 3.0.0, 3.0.1, 3.1.0, 3.1.3, 3.4.0, 3.5.0, 3.5.1, 3.6.0 CD\nIBM MQ Operator 3.2.0 SC2",
    "sourceHref": "",
    "cvss": {
        "score": 6.2,
        "severity": "MEDIUM",
        "vector": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
        "version": "3.1"
    },
    "cvss2": [],
    "cvss3": {
        "version": "",
        "vectorString": "",
        "baseScore": 0,
        "baseSeverity": "",
        "attackVector": "",
        "attackComplexity": "",
        "privilegesRequired": "",
        "userInteraction": "",
        "scope": "",
        "confidentialityImpact": "",
        "integrityImpact": "",
        "availabilityImpact": "",
        "cvssV3": {
            "version": "",
            "vectorString": "",
            "baseScore": 0,
            "baseSeverity": "",
            "attackVector": "",
            "attackComplexity": "",
            "privilegesRequired": "",
            "userInteraction": "",
            "scope": "",
            "confidentialityImpact": "",
            "integrityImpact": "",
            "availabilityImpact": ""
        }
    },
    "href": "",
    "category_name": "CVE",
    "post_link": "",
    "product": "MQ Operator",
    "version": "2.0.0 LTS",
    "vendor": "IBM",
    "ai_description": "",
    "ai_severity": "",
    "ai_vendor": "",
    "ai_product": "",
    "ai_version": "",
    "ai_score": 0
}