Lucene search
IBMA54D39326B460137065BAD6B3F14841BD47EF6D505537159E0A4A4F3CEA8AC90HistoryJul 27, 2020 - 9:19 a.m.
Security Bulletin: IBM MQ Appliance is vulnerable to a denial of service vulnerability (CVE-2020-4466)
2020-07-2709:19:07
www.ibm.com
8
0.001 Low
EPSS
Percentile
45.6%
Summary
IBM MQ Appliance has resolved a denial of service vulnerability.
Vulnerability Details
CVEID:CVE-2020-4466
**DESCRIPTION:**IBM MQ, IBM MQ Appliance, and IBM MQ for HPE NonStop could allow a remote authenticated attacker to cause a denial of service due to an error within the Queue processing function.
CVSS Base score: 6.5
CVSS Temporal Score: See: https://exchange.xforce.ibmcloud.com/vulnerabilities/181563 for the current score.
CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H)
Affected Products and Versions
| Affected Product(s) | Version(s) |
|---|---|
| IBM MQ Appliance | 8.0 |
| IBM MQ Appliance | 9.1 LTS |
| IBM MQ Appliance | 9.1 CD |
Remediation/Fixes
IBM MQ Appliance 8.0
Apply fixpack 8.0.0.15, or later.
IBM MQ Appliance V9.1 LTS
Apply FixPack 9.1.0.5, or later.
IBM MQ Appliance V9.1 CD
Upgrade to IBM MQ 9.1.5, or later.
Workarounds and Mitigations
None
Related
nessus
nessus
prion
prion
Code injection
2020-07-20 14:15:00
cve
cve
CVE-2020-4466
2020-07-20 14:15:10
cvelist
cvelist
CVE-2020-4466
2020-07-17 00:00:00
ibm
ibm
nvd
nvd
CVE-2020-4466
2020-07-20 14:15:10
0.001 Low
EPSS
Percentile
45.6%
Related for A54D39326B460137065BAD6B3F14841BD47EF6D505537159E0A4A4F3CEA8AC90