CVE-2020-4267

🗓️ 24 Apr 2020 15:50:21Reported by ibmType

IBM MQ & MQ Appliance 8.0, 9.1 LTS, and 9.1 CD allow authenticated user to cause denial of service due to memory leak

Reporter	Title	Published	Views	Family All 11
IBM Security Bulletins	Security Bulletin: IBM MQ could allow an authenticated user to cause a denial of service due to a memory leak. (CVE-2020-4267)	12 Jun 202017:40	–	ibm
IBM Security Bulletins	Security Bulletin: Multiple IBM MQ vulnerabilities affect IBM Sterling Global Mailbox	22 Feb 202214:32	–	ibm
IBM Security Bulletins	Security Bulletin: IBM Sterling B2B Integrator vulnerable to multiple issues due to IBM MQ.	9 Feb 202319:13	–	ibm
IBM Security Bulletins	Security Bulletin: IBM MQ Appliance is affected by a denial of service vulnerability (CVE-2020-4267)	22 Apr 202009:20	–	ibm
CNVD	IBM MQ Appliance Denial of Service Vulnerability (CNVD-2020-27948)	26 Apr 202000:00	–	cnvd
Cvelist	CVE-2020-4267	24 Apr 202015:50	–	cvelist
EUVD	EUVD-2020-25514	7 Oct 202500:30	–	euvd
NVD	CVE-2020-4267	24 Apr 202016:15	–	nvd
Prion	Memory corruption	24 Apr 202016:15	–	prion
Veracode	Denial Of Service (DoS)	16 Feb 202206:05	–	veracode

NVD

Vulners

Node

ibm mqRange8.0.0.0–8.0.0.14

ibm mqRange9.1.0.0–9.1.0.4lts

ibm mq_applianceRange9.1.0–9.1.5continuous_delivery

[
  {
    "product": "MQ Appliance",
    "vendor": "IBM",
    "versions": [
      {
        "status": "affected",
        "version": "8.0.0.3"
      },
      {
        "status": "affected",
        "version": "8.0.0.4"
      },
      {
        "status": "affected",
        "version": "8.0.0.5"
      },
      {
        "status": "affected",
        "version": "8.0.0.6"
      },
      {
        "status": "affected",
        "version": "8.0.0.0"
      },
      {
        "status": "affected",
        "version": "8.0.0.8"
      },
      {
        "status": "affected",
        "version": "8.0.0.10"
      },
      {
        "status": "affected",
        "version": "8.0.0.11"
      },
      {
        "status": "affected",
        "version": "9.1.0.1"
      },
      {
        "status": "affected",
        "version": "9.1.1"
      },
      {
        "status": "affected",
        "version": "8.0.0.1"
      },
      {
        "status": "affected",
        "version": "8.0.0.7"
      },
      {
        "status": "affected",
        "version": "8.0.0.9"
      },
      {
        "status": "affected",
        "version": "8.0.0.12"
      },
      {
        "status": "affected",
        "version": "9.1.0.2"
      },
      {
        "status": "affected",
        "version": "9.1.2"
      },
      {
        "status": "affected",
        "version": "9.1.0.3"
      },
      {
        "status": "affected",
        "version": "9.1.3"
      },
      {
        "status": "affected",
        "version": "9.1"
      },
      {
        "status": "affected",
        "version": "8.0.0.13"
      },
      {
        "status": "affected",
        "version": "9.1.0.4"
      },
      {
        "status": "affected",
        "version": "9.1.4"
      }
    ]
  }
]

Source	Link
exchange	www.exchange.xforce.ibmcloud.com/vulnerabilities/175840
ibm	www.ibm.com/support/pages/node/6195384

21 Nov 2024 05:32Current

6.2Medium risk

Vulners AI Score6.2

CVSS 24

CVSS 3.16.5

CVSS 35.3

EPSS0.00198

CWE-401

ibm mq mq appliance 8.0 9.1 lts 9.1 cd authenticated user denial of service memory leak nvd cve-2020-4267 ibm x-force id: 175840