Lucene search
IBMC788695761CF6823011467BBB0DAB41B372191B47EFFE46CD2F53FA0F2574532HistoryJun 07, 2023 - 1:32 p.m.
Security Bulletin: IBM MQ for HP NonStop Server is affected by vulnerability CVE-2022-43919
2023-06-0713:32:20
www.ibm.com
19
0.001 Low
EPSS
Percentile
19.0%
Summary
IBM MQ is affected by a denial of service vulnerability caused by improper processing of pcf command messages. The issue is described by CVE-2022-43919.
Vulnerability Details
CVEID:CVE-2022-43919
**DESCRIPTION:**IBM MQ 9.2 CD, 9.2 LTS, 9.3 CD, and 9.3 LTS could allow an authenticated attacker with authorization to craft messages to cause a denial of service. IBM X-Force ID: 241354.
CVSS Base score: 5.3
CVSS Temporal Score: See: https://exchange.xforce.ibmcloud.com/vulnerabilities/241354 for the current score.
CVSS Vector: (CVSS:3.0/AV:N/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H)
Affected Products and Versions
| Affected Product(s) | Version(s) |
|---|---|
| IBM MQ for HPE NonStop | 8.1.0 |
Remediation/Fixes
| IBM MQ V8.1 for HPE NonStop | 8.1.0.15 | IT43859 | Upgrade to Fixpack 8.1.0.15 |
|---|
Workarounds and Mitigations
None
| CPE | Name | Operator | Version |
|---|---|---|---|
| ibm mq for hpe nonstop | eq | 8.1 | |
| ibm mq for hpe nonstop | eq | 8.1 |
Related
prion
prion
Authorization
2023-05-05 15:15:00
veracode
veracode
Denial Of Service (DoS)
2023-05-09 06:45:34
cvelist
cvelist
CVE-2022-43919 IBM MQ denial of service
2023-05-05 14:24:44
cve
cve
CVE-2022-43919
2023-05-05 15:15:00
0.001 Low
EPSS
Percentile
19.0%
Related for C788695761CF6823011467BBB0DAB41B372191B47EFFE46CD2F53FA0F2574532