Lucene search
IBM9CD2A3B99D1B9A7678480F7AED87D1B2E65EE75925317BF8FDFCAC3E5918DB3CHistoryJul 27, 2020 - 9:21 a.m.
Security Bulletin: IBM MQ Appliance is vulnerable to a denial of service vulnerability (CVE-2020-4375)
2020-07-2709:21:35
www.ibm.com
7
EPSS
0.001
Percentile
36.0%
Summary
IBM MQ Appliance has resolved a denial of service vulnerability.
Vulnerability Details
CVEID:CVE-2020-4375
**DESCRIPTION:**IBM MQ, IBM MQ Appliance, IBM MQ for HPE NonStop could allow an attacker to cause a denial of service due to a memory leak caused by an error creating a dynamic queue.
CVSS Base score: 5.9
CVSS Temporal Score: See: https://exchange.xforce.ibmcloud.com/vulnerabilities/179080 for the current score.
CVSS Vector: (CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H)
Affected Products and Versions
| Affected Product(s) | Version(s) |
|---|---|
| IBM MQ Appliance | 8.0 |
| IBM MQ Appliance | 9.1 LTS |
| IBM MQ Appliance | 9.1 CD |
Remediation/Fixes
IBM MQ Appliance 8.0
Apply fixpack 8.0.0.15, or later.
IBM MQ Appliance 9.1 LTS
Apply fixpack 9.1.0.5, or later.
IBM MQ Appliance 9.1 CD
Apply IBM MQ Appliance 9.2, or later.
Workarounds and Mitigations
None
Related
ibm
ibm
prion
prion
Memory corruption
2020-07-28 12:15:00
cvelist
cvelist
CVE-2020-4375
2020-07-27 00:00:00
veracode
veracode
Denial Of Service (DoS)
2022-02-16 07:04:45
nvd
nvd
CVE-2020-4375
2020-07-28 12:15:12
cve
cve
CVE-2020-4375
2020-07-28 12:15:12
EPSS
0.001
Percentile
36.0%
Related for 9CD2A3B99D1B9A7678480F7AED87D1B2E65EE75925317BF8FDFCAC3E5918DB3C