An error was found in the SSLPEER logic of an AMQP channel that meant it would not block or allow certificates as expected.
**CVEID:** CVE-2020-4320
**DESCRIPTION:** IBM MQ Appliance, IBM MQ, AMQP Channels do not correctly block or allow clients based on the certificate distinguished name SSLPEER setting.
CVSS Base score: 5.3
CVSS Temporal Score: See: https://exchange.xforce.ibmcloud.com/vulnerabilities/177403 for the current score.
CVSS Vector: (CVSS:3.0/AV:N/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H)
Affected Product(s) | Version(s) |
---|---|
IBM MQ | 9.1 LTS |
IBM MQ | 9.0 LTS |
IBM MQ | 8.0 |
IBM MQ | 9.1 CD |
Product | Remediation |
---|---|
IBM MQ and IBM MQ Appliance V8 | Apply FixPack 8.0.0.15 |
IBM MQ V9 LTS | Apply FixPack 9.0.0.10 |
IBM MQ and IBM MQ Appliance V9.1 LTS | Apply FixPack 9.1.0.5 |
IBM MQ and IBM MQ Appliance V9.1 CD | Apply FixPack 9.1.5 |
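
Added example (not part of IBM's bulletin): a Python triage helper that compares an installed level, given as a bare version or as `dspmqver`-style text, with the fix levels listed above. The mapping of V.R.M.F numbers to the LTS and CD streams, the function names and the sample output are assumptions of this example. It checks the code level only, not whether any AMQP channel actually sets SSLPEER.

```python
import re

# Fixed levels copied from the advisory's remediation list, padded to V.R.M.F.
FIXED = {
    "8.0": (8, 0, 0, 15),
    "9.0 LTS": (9, 0, 0, 10),
    "9.1 LTS": (9, 1, 0, 5),
    "9.1 CD": (9, 1, 5, 0),
}

# Constructed sample of dspmqver output (only the two fields used here).
SAMPLE_DSPMQVER = "Name:        IBM MQ\nVersion:     9.1.0.4\n"


def parse_version(text):
    """Return (V, R, M, F) from a bare version or from dspmqver-style text."""
    m = re.search(r"^Version:\s*(\S+)", text, re.MULTILINE)
    raw = m.group(1) if m else text.strip()
    if not re.fullmatch(r"\d+(\.\d+){2,3}", raw):
        raise ValueError(f"unrecognised version string: {raw!r}")
    parts = [int(p) for p in raw.split(".")]
    return tuple(parts + [0] * (4 - len(parts)))


def release_stream(v):
    """Map a version to one of the advisory's affected streams, or None."""
    if v[:2] == (8, 0):
        return "8.0"
    if v[:2] == (9, 0):
        return "9.0 LTS" if v[2] == 0 else None  # 9.0 CD is not listed
    if v[:2] == (9, 1):
        return "9.1 LTS" if v[2] == 0 else "9.1 CD"
    return None


def triage(text):
    """Return (status, stream): needs-fix, fixed, or not-listed."""
    v = parse_version(text)
    stream = release_stream(v)
    if stream is None:
        return ("not-listed", None)
    # Assumption: levels at or above the listed fix level contain the fix.
    return ("needs-fix" if v < FIXED[stream] else "fixed", stream)


if __name__ == "__main__":
    for item in (SAMPLE_DSPMQVER, "8.0.0.15", "9.1.4.0", "9.0.5.0"):
        print(triage(item))
```
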
None