Sign In

CVE-2025-36005

📊 5.9 MEDIUM0.0%🎯 0 exploits
📅 Published Jul 24, 2025
📋 Status: Analyzed

IBM MQ Operator LTS 2.0.0 through 2.0.29, MQ Operator CD 3.0.0, 3.0.1, 3.1.0 through 3.1.3, 3.3.0, 3.4.0, 3.4.1, 3.5.0, 3.5.1, 3.6.0, and MQ Operator SC2 3.2.0 through 3.2.13 Internet Pass-Thru could allow a malicious user to obtain sensitive information from another TLS session connection by the proxy to the same hostname and port due to improper certificate validation.

🎯 Affected Products & Systems

58 product configurations affected

Filter by type:
📱
ibm / mq operator
Application
Vulnerable
Version: ≥ 2.0.0 ∧ ≤ 2.0.29
CPE:
cpe:2.3:a:ibm:mq_operator:*:*:*:*:lts:*:*:*
📱
ibm / mq operator
Application
Vulnerable
Version: ≥ 3.2.0 ∧ ≤ 3.2.13
CPE:
cpe:2.3:a:ibm:mq_operator:*:*:*:*:sc2:*:*:*
📱
ibm / mq operator
Application
Vulnerable
Version: ≥ 3.5.1 ∧ ≤ 3.6.0
CPE:
cpe:2.3:a:ibm:mq_operator:*:*:*:*:cd:*:*:*
📱
ibm / mq operator
Application
Vulnerable
Version: 3.3.0
CPE:
cpe:2.3:a:ibm:mq_operator:3.3.0:*:*:*:cd:*:*:*
📱
ibm / mq operator
Application
Vulnerable
Version: 3.4.0
CPE:
cpe:2.3:a:ibm:mq_operator:3.4.0:*:*:*:cd:*:*:*
📱
ibm / mq operator
Application
Vulnerable
Version: 3.4.1
CPE:
cpe:2.3:a:ibm:mq_operator:3.4.1:*:*:*:cd:*:*:*
📱
ibm / mq operator
Application
Vulnerable
Version: 3.5.0
CPE:
cpe:2.3:a:ibm:mq_operator:3.5.0:*:*:*:cd:*:*:*
📱
Vulnerable
Version: 9.3.0.0
CPE:
cpe:2.3:a:ibm:supplied_mq_advanced_container_images:9.3.0.0:r1:*:*:lts:*:*:*
📱
Vulnerable
Version: 9.3.0.0
CPE:
cpe:2.3:a:ibm:supplied_mq_advanced_container_images:9.3.0.0:r2:*:*:lts:*:*:*
📱
Vulnerable
Version: 9.3.0.0
CPE:
cpe:2.3:a:ibm:supplied_mq_advanced_container_images:9.3.0.0:r3:*:*:lts:*:*:*
📱
Vulnerable
Version: 9.3.0.1
CPE:
cpe:2.3:a:ibm:supplied_mq_advanced_container_images:9.3.0.1:r1:*:*:lts:*:*:*
📱
Vulnerable
Version: 9.3.0.1
CPE:
cpe:2.3:a:ibm:supplied_mq_advanced_container_images:9.3.0.1:r2:*:*:lts:*:*:*
📱
Vulnerable
Version: 9.3.0.1
CPE:
cpe:2.3:a:ibm:supplied_mq_advanced_container_images:9.3.0.1:r3:*:*:lts:*:*:*
📱
Vulnerable
Version: 9.3.0.1
CPE:
cpe:2.3:a:ibm:supplied_mq_advanced_container_images:9.3.0.1:r4:*:*:lts:*:*:*
📱
Vulnerable
Version: 9.3.0.3
CPE:
cpe:2.3:a:ibm:supplied_mq_advanced_container_images:9.3.0.3:r1:*:*:lts:*:*:*
📱
Vulnerable
Version: 9.3.0.4
CPE:
cpe:2.3:a:ibm:supplied_mq_advanced_container_images:9.3.0.4:r1:*:*:lts:*:*:*
📱
Vulnerable
Version: 9.3.0.4
CPE:
cpe:2.3:a:ibm:supplied_mq_advanced_container_images:9.3.0.4:r2:*:*:lts:*:*:*
📱
Vulnerable
Version: 9.3.0.5
CPE:
cpe:2.3:a:ibm:supplied_mq_advanced_container_images:9.3.0.5:r1:*:*:lts:*:*:*
📱
Vulnerable
Version: 9.3.0.5
CPE:
cpe:2.3:a:ibm:supplied_mq_advanced_container_images:9.3.0.5:r2:*:*:lts:*:*:*
📱
Vulnerable
Version: 9.3.0.5
CPE:
cpe:2.3:a:ibm:supplied_mq_advanced_container_images:9.3.0.5:r3:*:*:lts:*:*:*
📱
Vulnerable
Version: 9.3.0.6
CPE:
cpe:2.3:a:ibm:supplied_mq_advanced_container_images:9.3.0.6:r1:*:*:lts:*:*:*
📱
Vulnerable
Version: 9.3.0.10
CPE:
cpe:2.3:a:ibm:supplied_mq_advanced_container_images:9.3.0.10:r1:*:*:lts:*:*:*
📱
Vulnerable
Version: 9.3.0.10
CPE:
cpe:2.3:a:ibm:supplied_mq_advanced_container_images:9.3.0.10:r2:*:*:lts:*:*:*
📱
Vulnerable
Version: 9.3.0.11
CPE:
cpe:2.3:a:ibm:supplied_mq_advanced_container_images:9.3.0.11:r1:*:*:lts:*:*:*
📱
Vulnerable
Version: 9.3.0.11
CPE:
cpe:2.3:a:ibm:supplied_mq_advanced_container_images:9.3.0.11:r2:*:*:lts:*:*:*
📱
Vulnerable
Version: 9.3.0.15
CPE:
cpe:2.3:a:ibm:supplied_mq_advanced_container_images:9.3.0.15:r1:*:*:lts:*:*:*
📱
Vulnerable
Version: 9.3.0.16
CPE:
cpe:2.3:a:ibm:supplied_mq_advanced_container_images:9.3.0.16:r1:*:*:lts:*:*:*
📱
Vulnerable
Version: 9.3.0.16
CPE:
cpe:2.3:a:ibm:supplied_mq_advanced_container_images:9.3.0.16:r2:*:*:lts:*:*:*
📱
Vulnerable
Version: 9.3.0.17
CPE:
cpe:2.3:a:ibm:supplied_mq_advanced_container_images:9.3.0.17:r1:*:*:lts:*:*:*
📱
Vulnerable
Version: 9.3.0.17
CPE:
cpe:2.3:a:ibm:supplied_mq_advanced_container_images:9.3.0.17:r2:*:*:lts:*:*:*
📱
Vulnerable
Version: 9.3.0.17
CPE:
cpe:2.3:a:ibm:supplied_mq_advanced_container_images:9.3.0.17:r3:*:*:lts:*:*:*
📱
Vulnerable
Version: 9.3.0.20
CPE:
cpe:2.3:a:ibm:supplied_mq_advanced_container_images:9.3.0.20:r1:*:*:lts:*:*:*
📱
Vulnerable
Version: 9.3.0.20
CPE:
cpe:2.3:a:ibm:supplied_mq_advanced_container_images:9.3.0.20:r2:*:*:lts:*:*:*
📱
Vulnerable
Version: 9.3.0.21
CPE:
cpe:2.3:a:ibm:supplied_mq_advanced_container_images:9.3.0.21:r1:*:*:lts:*:*:*
📱
Vulnerable
Version: 9.3.0.21
CPE:
cpe:2.3:a:ibm:supplied_mq_advanced_container_images:9.3.0.21:r2:*:*:lts:*:*:*
📱
Vulnerable
Version: 9.3.0.21
CPE:
cpe:2.3:a:ibm:supplied_mq_advanced_container_images:9.3.0.21:r3:*:*:lts:*:*:*
📱
Vulnerable
Version: 9.3.0.25
CPE:
cpe:2.3:a:ibm:supplied_mq_advanced_container_images:9.3.0.25:r1:*:*:lts:*:*:*
📱
Vulnerable
Version: 9.4.0.0
CPE:
cpe:2.3:a:ibm:supplied_mq_advanced_container_images:9.4.0.0:r1:*:*:lts:*:*:*
📱
Vulnerable
Version: 9.4.0.0
CPE:
cpe:2.3:a:ibm:supplied_mq_advanced_container_images:9.4.0.0:r2:*:*:lts:*:*:*
📱
Vulnerable
Version: 9.4.0.0
CPE:
cpe:2.3:a:ibm:supplied_mq_advanced_container_images:9.4.0.0:r3:*:*:lts:*:*:*
📱
Vulnerable
Version: 9.4.0.5
CPE:
cpe:2.3:a:ibm:supplied_mq_advanced_container_images:9.4.0.5:r1:*:*:lts:*:*:*
📱
Vulnerable
Version: 9.4.0.5
CPE:
cpe:2.3:a:ibm:supplied_mq_advanced_container_images:9.4.0.5:r2:*:*:lts:*:*:*
📱
Vulnerable
Version: 9.4.0.6
CPE:
cpe:2.3:a:ibm:supplied_mq_advanced_container_images:9.4.0.6:r1:*:*:sc2:*:*:*
📱
Vulnerable
Version: 9.4.0.6
CPE:
cpe:2.3:a:ibm:supplied_mq_advanced_container_images:9.4.0.6:r2:*:*:sc2:*:*:*
📱
Vulnerable
Version: 9.4.0.7
CPE:
cpe:2.3:a:ibm:supplied_mq_advanced_container_images:9.4.0.7:r1:*:*:sc2:*:*:*
📱
Vulnerable
Version: 9.4.0.10
CPE:
cpe:2.3:a:ibm:supplied_mq_advanced_container_images:9.4.0.10:r1:*:*:sc2:*:*:*
📱
Vulnerable
Version: 9.4.0.10
CPE:
cpe:2.3:a:ibm:supplied_mq_advanced_container_images:9.4.0.10:r2:*:*:sc2:*:*:*
📱
Vulnerable
Version: 9.4.0.11
CPE:
cpe:2.3:a:ibm:supplied_mq_advanced_container_images:9.4.0.11:r1:*:*:sc2:*:*:*
📱
Vulnerable
Version: 9.4.0.11
CPE:
cpe:2.3:a:ibm:supplied_mq_advanced_container_images:9.4.0.11:r2:*:*:sc2:*:*:*
📱
Vulnerable
Version: 9.4.0.11
CPE:
cpe:2.3:a:ibm:supplied_mq_advanced_container_images:9.4.0.11:r3:*:*:sc2:*:*:*
📱
Vulnerable
Version: 9.4.1.0
CPE:
cpe:2.3:a:ibm:supplied_mq_advanced_container_images:9.4.1.0:r1:*:*:cd:*:*:*
📱
Vulnerable
Version: 9.4.1.0
CPE:
cpe:2.3:a:ibm:supplied_mq_advanced_container_images:9.4.1.0:r2:*:*:cd:*:*:*
📱
Vulnerable
Version: 9.4.1.1
CPE:
cpe:2.3:a:ibm:supplied_mq_advanced_container_images:9.4.1.1:r1:*:*:cd:*:*:*
📱
Vulnerable
Version: 9.4.2.0
CPE:
cpe:2.3:a:ibm:supplied_mq_advanced_container_images:9.4.2.0:r1:*:*:cd:*:*:*
📱
Vulnerable
Version: 9.4.2.0
CPE:
cpe:2.3:a:ibm:supplied_mq_advanced_container_images:9.4.2.0:r2:*:*:cd:*:*:*
📱
Vulnerable
Version: 9.4.2.1
CPE:
cpe:2.3:a:ibm:supplied_mq_advanced_container_images:9.4.2.1:r1:*:*:cd:*:*:*
📱
Vulnerable
Version: 9.4.2.1
CPE:
cpe:2.3:a:ibm:supplied_mq_advanced_container_images:9.4.2.1:r2:*:*:cd:*:*:*
📱
Vulnerable
Version: 9.4.3.0
CPE:
cpe:2.3:a:ibm:supplied_mq_advanced_container_images:9.4.3.0:r1:*:*:cd:*:*:*
58 productsscroll for more
Metrics
5.9 MEDIUMCVSS v3.1[email protected]
CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N
Attack Vector:
NETWORK
Complexity:
HIGH
Privileges:
NONE
User Interaction:
NONE
Confidentiality:
HIGH
Integrity:
NONE
Availability:
NONE
Scope:
UNCHANGED

🔍 Technical Details

Analysis Status
Analyzed
CVSS Details
5.9 (MEDIUM)v3.1
Source: [email protected]
EPSS Details
0.0% (Minimal)5.8th percentile
Last updated: Oct 31, 2025
Exploitation probability within 30 days
Published Date
Jul 24, 2025 (3 months ago)
Last Modified
Aug 22, 2025 (2 months ago)
Security Weaknesses1
References2