{"id":2463,"date":"2025-05-02T07:09:40","date_gmt":"2025-05-02T07:09:40","guid":{"rendered":"http:\/\/localhost\/?p=2463"},"modified":"2025-05-02T07:09:40","modified_gmt":"2025-05-02T07:09:40","slug":"cve-2025-1333-ibm-mq-operator-information-disclosure","status":"publish","type":"post","link":"https:\/\/zero.redgem.net\/?p=2463","title":{"rendered":"CVE-2025-1333 IBM MQ Operator information disclosure"},"content":{"rendered":"
\n

Vulnerability Details<\/h2>\n
\n

Basic Information<\/h3>\n\n\n\n\n\n\n
Title<\/th>\nCVE-2025-1333 IBM MQ Operator information disclosure<\/td>\n<\/tr>\n
Type<\/th>\ncvelist<\/td>\n<\/tr>\n
Published<\/th>\n2025-05-01T22:07:08<\/td>\n<\/tr>\n
Last Seen<\/th>\n2025-05-01T22:29:44<\/td>\n<\/tr>\n
CVSS Score<\/th>\n6.0 (MEDIUM)<\/td>\n<\/tr>\n<\/table><\/div>\n
\n

CVSS v3 Details<\/h3>\n\n\n\n\n\n\n\n\n\n
Attack Vector<\/th>\nLOCAL<\/td>\n<\/tr>\n
Attack Complexity<\/th>\nLOW<\/td>\n<\/tr>\n
Privileges Required<\/th>\nHIGH<\/td>\n<\/tr>\n
User Interaction<\/th>\nNONE<\/td>\n<\/tr>\n
Scope<\/th>\nCHANGED<\/td>\n<\/tr>\n
Confidentiality Impact<\/th>\nHIGH<\/td>\n<\/tr>\n
Integrity Impact<\/th>\nNONE<\/td>\n<\/tr>\n
Availability Impact<\/th>\nNONE<\/td>\n<\/tr>\n<\/table><\/div>\n
\n

CVE Information<\/h3>\n\n\n\n\n
CVE IDs<\/th>\nCVE-2025-1333<\/td>\n<\/tr>\n
CWE<\/th>\nCWE-214<\/td>\n<\/tr>\n
Bulletin Family<\/th>\ncve<\/td>\n<\/tr>\n<\/table><\/div>\n
\n

Description<\/h3>\n
\n IBM MQ Container when used with the IBM MQ Operator LTS 2.0.0 through 2.0.29, MQ Operator CD 3.0.0, 3.0.1, 3.1.0 through 3.1.3, 3.3.0, 3.4.0, 3.4.1, 3.5.0, 3.5.1, and MQ Operator SC2 3.2.0 through 3.2.10 and configured with Cloud Pak for Integration Keycloak could disclose sensitive information to a privileged user.\n <\/div>\n<\/p><\/div>\n
\n

Impact Assessment<\/h3>\n\n\n\n
Base Score<\/th>\n6.0<\/td>\n<\/tr>\n
Severity<\/th>\nMEDIUM<\/td>\n<\/tr>\n<\/table><\/div>\n
\n

View full CVE details<\/a><\/p>\n<\/p><\/div>\n<\/div>\n