CVE Vulnerabilities

CVE-2025-36005

Improper Certificate Validation

Published: Jul 24, 2025 | Modified: Aug 22, 2025
CVSS 3.x: 6.5 MEDIUM (Source: NVD)
Vector: CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N

IBM MQ Operator LTS 2.0.0 through 2.0.29, MQ Operator CD 3.0.0, 3.0.1, 3.1.0 through 3.1.3, 3.3.0, 3.4.0, 3.4.1, 3.5.0, 3.5.1, 3.6.0, and MQ Operator SC2 3.2.0 through 3.2.13 Internet Pass-Thru could allow a malicious user to obtain sensitive information from another TLS session connection by the proxy to the same hostname and port due to improper certificate validation.

Weakness

The product does not validate, or incorrectly validates, a certificate.

Affected Software

Name Vendor Start Version End Version
Mq_operator Ibm 2.0.0 (including) 2.0.29 (including)
Mq_operator Ibm 3.2.0 (including) 3.2.13 (including)
Mq_operator Ibm 3.5.1 (including) 3.6.0 (including)
Mq_operator Ibm 3.3.0 (including) 3.3.0 (including)
Mq_operator Ibm 3.4.0 (including) 3.4.0 (including)
Mq_operator Ibm 3.4.1 (including) 3.4.1 (including)
Mq_operator Ibm 3.5.0 (including) 3.5.0 (including)
Supplied_mq_advanced_container_images Ibm 9.3.0.0-r1 (including) 9.3.0.0-r1 (including)
Supplied_mq_advanced_container_images Ibm 9.3.0.0-r2 (including) 9.3.0.0-r2 (including)
Supplied_mq_advanced_container_images Ibm 9.3.0.0-r3 (including) 9.3.0.0-r3 (including)
Supplied_mq_advanced_container_images Ibm 9.3.0.1-r1 (including) 9.3.0.1-r1 (including)
Supplied_mq_advanced_container_images Ibm 9.3.0.1-r2 (including) 9.3.0.1-r2 (including)
Supplied_mq_advanced_container_images Ibm 9.3.0.1-r3 (including) 9.3.0.1-r3 (including)
Supplied_mq_advanced_container_images Ibm 9.3.0.1-r4 (including) 9.3.0.1-r4 (including)
Supplied_mq_advanced_container_images Ibm 9.3.0.3-r1 (including) 9.3.0.3-r1 (including)
Supplied_mq_advanced_container_images Ibm 9.3.0.4-r1 (including) 9.3.0.4-r1 (including)
Supplied_mq_advanced_container_images Ibm 9.3.0.4-r2 (including) 9.3.0.4-r2 (including)
Supplied_mq_advanced_container_images Ibm 9.3.0.5-r1 (including) 9.3.0.5-r1 (including)
Supplied_mq_advanced_container_images Ibm 9.3.0.5-r2 (including) 9.3.0.5-r2 (including)
Supplied_mq_advanced_container_images Ibm 9.3.0.5-r3 (including) 9.3.0.5-r3 (including)
Supplied_mq_advanced_container_images Ibm 9.3.0.6-r1 (including) 9.3.0.6-r1 (including)
Supplied_mq_advanced_container_images Ibm 9.3.0.10-r1 (including) 9.3.0.10-r1 (including)
Supplied_mq_advanced_container_images Ibm 9.3.0.10-r2 (including) 9.3.0.10-r2 (including)
Supplied_mq_advanced_container_images Ibm 9.3.0.11-r1 (including) 9.3.0.11-r1 (including)
Supplied_mq_advanced_container_images Ibm 9.3.0.11-r2 (including) 9.3.0.11-r2 (including)
Supplied_mq_advanced_container_images Ibm 9.3.0.15-r1 (including) 9.3.0.15-r1 (including)
Supplied_mq_advanced_container_images Ibm 9.3.0.16-r1 (including) 9.3.0.16-r1 (including)
Supplied_mq_advanced_container_images Ibm 9.3.0.16-r2 (including) 9.3.0.16-r2 (including)
Supplied_mq_advanced_container_images Ibm 9.3.0.17-r1 (including) 9.3.0.17-r1 (including)
Supplied_mq_advanced_container_images Ibm 9.3.0.17-r2 (including) 9.3.0.17-r2 (including)
Supplied_mq_advanced_container_images Ibm 9.3.0.17-r3 (including) 9.3.0.17-r3 (including)
Supplied_mq_advanced_container_images Ibm 9.3.0.20-r1 (including) 9.3.0.20-r1 (including)
Supplied_mq_advanced_container_images Ibm 9.3.0.20-r2 (including) 9.3.0.20-r2 (including)
Supplied_mq_advanced_container_images Ibm 9.3.0.21-r1 (including) 9.3.0.21-r1 (including)
Supplied_mq_advanced_container_images Ibm 9.3.0.21-r2 (including) 9.3.0.21-r2 (including)
Supplied_mq_advanced_container_images Ibm 9.3.0.21-r3 (including) 9.3.0.21-r3 (including)
Supplied_mq_advanced_container_images Ibm 9.3.0.25-r1 (including) 9.3.0.25-r1 (including)
Supplied_mq_advanced_container_images Ibm 9.4.0.0-r1 (including) 9.4.0.0-r1 (including)
Supplied_mq_advanced_container_images Ibm 9.4.0.0-r2 (including) 9.4.0.0-r2 (including)
Supplied_mq_advanced_container_images Ibm 9.4.0.0-r3 (including) 9.4.0.0-r3 (including)
Supplied_mq_advanced_container_images Ibm 9.4.0.5-r1 (including) 9.4.0.5-r1 (including)
Supplied_mq_advanced_container_images Ibm 9.4.0.5-r2 (including) 9.4.0.5-r2 (including)
Supplied_mq_advanced_container_images Ibm 9.4.0.6-r1 (including) 9.4.0.6-r1 (including)
Supplied_mq_advanced_container_images Ibm 9.4.0.6-r2 (including) 9.4.0.6-r2 (including)
Supplied_mq_advanced_container_images Ibm 9.4.0.7-r1 (including) 9.4.0.7-r1 (including)
Supplied_mq_advanced_container_images Ibm 9.4.0.10-r1 (including) 9.4.0.10-r1 (including)
Supplied_mq_advanced_container_images Ibm 9.4.0.10-r2 (including) 9.4.0.10-r2 (including)
Supplied_mq_advanced_container_images Ibm 9.4.0.11-r1 (including) 9.4.0.11-r1 (including)
Supplied_mq_advanced_container_images Ibm 9.4.0.11-r2 (including) 9.4.0.11-r2 (including)
Supplied_mq_advanced_container_images Ibm 9.4.0.11-r3 (including) 9.4.0.11-r3 (including)
Supplied_mq_advanced_container_images Ibm 9.4.1.0-r1 (including) 9.4.1.0-r1 (including)
Supplied_mq_advanced_container_images Ibm 9.4.1.0-r2 (including) 9.4.1.0-r2 (including)
Supplied_mq_advanced_container_images Ibm 9.4.1.1-r1 (including) 9.4.1.1-r1 (including)
Supplied_mq_advanced_container_images Ibm 9.4.2.0-r1 (including) 9.4.2.0-r1 (including)
Supplied_mq_advanced_container_images Ibm 9.4.2.0-r2 (including) 9.4.2.0-r2 (including)
Supplied_mq_advanced_container_images Ibm 9.4.2.1-r1 (including) 9.4.2.1-r1 (including)
Supplied_mq_advanced_container_images Ibm 9.4.2.1-r2 (including) 9.4.2.1-r2 (including)
Supplied_mq_advanced_container_images Ibm 9.4.3.0-r1 (including) 9.4.3.0-r1 (including)
