IBM MQ is affected by a denial of service vulnerability caused by improper processing of pcf command messages. The issue is described by CVE-2022-43919.
CVEID:CVE-2022-43919
**DESCRIPTION:**IBM MQ 9.2 CD, 9.2 LTS, 9.3 CD, and 9.3 LTS could allow an authenticated attacker with authorization to craft messages to cause a denial of service. IBM X-Force ID: 241354.
CVSS Base score: 5.3
CVSS Temporal Score: See: https://exchange.xforce.ibmcloud.com/vulnerabilities/241354 for the current score.
CVSS Vector: (CVSS:3.0/AV:N/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H)
Affected Product(s) | Version(s) |
---|---|
IBM MQ for HPE NonStop | 8.1.0 |
IBM MQ V8.1 for HPE NonStop | 8.1.0.15 | IT43859 | Upgrade to Fixpack 8.1.0.15 |
---|
None
CPE | Name | Operator | Version |
---|---|---|---|
ibm mq for hpe nonstop | eq | 8.1 | |
ibm mq for hpe nonstop | eq | 8.1 |