This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided.
{"id": "CVE-2019-4432", "vendorId": null, "type": "cve", "bulletinFamily": "NVD", "title": "CVE-2019-4432", "description": "This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided.", "published": "2023-02-23T21:42:16", "modified": "2023-02-23T21:42:16", "cvss": {}, "cvss2": {}, "cvss3": {}, "href": "", "reporter": "candidate", "references": [], "cvelist": [], "immutableFields": [], "lastseen": "2023-02-23T21:42:16", "viewCount": 9, "enchantments": {"dependencies": {"references": [{"type": "ibm", "idList": ["D4F229685764CECC24D72D45F5EC3F1791519A4D2D5E1013474043C79325EC3F"]}]}, "score": {"value": 1.5, "vector": "NONE"}, "vulnersScore": 1.5}, "_state": {"dependencies": 1677188632, "score": 1684017862, "epss": 1679361349}, "_internal": {"score_hash": "05e4a62f0a19b55b1be54dd59509445c"}, "cna_cvss": {}, "cpe": [], "cpe23": [], "cwe": [], "affectedSoftware": [], "affectedConfiguration": [], "cpeConfiguration": {}, "extraReferences": [], "product_info": [], "exploits": [], "problemTypes": []}
{"ibm": [{"lastseen": "2023-02-23T21:41:58", "description": "## Summary\n\nAn error was found within IBM MQ and IBM MQ Appliance that allows an attacker to perform a denial of service attack by sending specifically crafted messages to a queue manager. Executing this attack will cause the queue manager to stop responding and CPU usage to increase to a high level.\n\n## Vulnerability Details\n\n**CVEID:** [CVE-2019-4432](<https://vulners.com/cve/CVE-2019-4432>) \n**DESCRIPTION:** IBM MQ is vulnerable to a denial of service attack caused by specially constructed messages. \nCVSS Base Score: 6.5 \nCVSS Temporal Score: See <https://exchange.xforce.ibmcloud.com/vulnerabilities/162889> for the current score \nCVSS Environmental Score*: Undefined \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H)\n\n## Affected Products and Versions\n\n_**IBM WebSphere MQ V7.1**_\n\nversions 7.1.0.0 - 7.1.0.9\n\n_**IBM WepSphere MQ V7.5**_\n\nversions 7.5.0.0 - 7.5.0.9\n\n**_IBM MQ and IBM MQ Appliance V8_**\n\nversions 8.0.0.0 - 8.0.0.12\n\n_**IBM MQ V9.0LTS**_\n\nversions 9.0.0.0 - 9.0.0.7\n\n_**IBM MQ and IBM MQ Appliance V9.1 LTS**_\n\nversions 9.1.0.0 - 9.1.0.2\n\n_**IBM MQ and IBM MQ Appliance V9.1 CD**_\n\nversions 9.1.0 - 9.1.2\n\n## Remediation/Fixes\n\n_**IBM WebSphere MQ V7.1**_\n\nContact IBM Support requesting a fix for APAR IT29262\n\n_**IBM WepSphere MQ V7.5**_\n\nContact IBM Support requesting a fix for APAR IT29262\n\n**_IBM MQ and IBM MQ Appliance V8_**\n\n[Apply Fixpack 8.0.0.13](<https://www.ibm.com/support/pages/node/1073376>)\n\n_**IBM MQ V9.0LTS**_\n\n[Apply Fixpack 9.0.0.8](<https://www.ibm.com/support/pages/downloading-ibm-mq-version-9008>)\n\n_**IBM MQ and IBM MQ Appliance V9.1 LTS**_\n\n[Apply Fixpack 9.1.0.3](<https://www.ibm.com/support/pages/downloading-ibm-mq-version-9103>)\n\n_**IBM MQ and IBM MQ Appliance V9.1 CD**_\n\nUpgrade to [IBM MQ 9.1.3](<https://www-01.ibm.com/support/docview.wss?uid=swg24043697>)\n\n## Workarounds and Mitigations\n\nNone\n\n## ", "cvss3": {}, "published": "2019-12-09T18:30:38", "type": "ibm", "title": "Security Bulletin: IBM MQ and IBM MQ Appliance are vulnerable to a denial of service attack caused by specially constructed messages. (CVE-2019-4432)", "bulletinFamily": "software", "cvss2": {}, "cvelist": ["CVE-2019-4432"], "modified": "2019-12-09T18:30:38", "id": "D4F229685764CECC24D72D45F5EC3F1791519A4D2D5E1013474043C79325EC3F", "href": "https://www.ibm.com/support/pages/node/1073490", "cvss": {"score": 0.0, "vector": "NONE"}}]}