Lucene search
IBM87A5E16BEADE9EF74B25F0CC302979DEE33B638A1C1BA18F92E63F05312B5B06HistoryFeb 23, 2021 - 11:55 a.m.
Security Bulletin: IBM MQ Appliance is affected by a denial of service vulnerability (CVE-2020-4931)
2021-02-2311:55:36
www.ibm.com
8
ibm mq appliance
denial of service
vulnerability
fix
amqp channels
EPSS
0.001
Percentile
32.8%
Summary
IBM MQ Appliance has resolved a denial of service vulnerability for AMQP channels.
Vulnerability Details
CVEID:CVE-2020-4931
**DESCRIPTION:**IBM MQ AMQP Channels could allow an authenticated user to cause a denial of service due to an issue processing messages.
CVSS Base score: 6.5
CVSS Temporal Score: See: https://exchange.xforce.ibmcloud.com/vulnerabilities/191747 for the current score.
CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H)
Affected Products and Versions
| Affected Product(s) | Version(s) |
|---|---|
| IBM MQ Appliance | 9.1 LTS |
| IBM MQ Appliance | 9.2 LTS |
| IBM MQ Appliance | 9.1 CD |
Remediation/Fixes
This vulnerability is addressed by APAR IT34885.
IBM MQ Appliance 9.1 LTS
Apply fixpack 9.1.0.7, or later maintenance.
IBM MQ Appliance 9.1 CD
Upgrade to 9.2.1 CD, or later.
IBM MQ Appliance 9.2 LTS
Apply ifix for APAR IT34885, or later maintenance.
Workarounds and Mitigations
None
Related
cve
cve
CVE-2020-4931
2021-02-24 18:15:12
prion
prion
Denial of service
2021-02-24 18:15:00
ibm
ibm
nvd
nvd
CVE-2020-4931
2021-02-24 18:15:12
cvelist
cvelist
CVE-2020-4931
2021-02-24 17:20:13
EPSS
0.001
Percentile
32.8%
Related for 87A5E16BEADE9EF74B25F0CC302979DEE33B638A1C1BA18F92E63F05312B5B06