Jan 08, 2021 - 5:33 p.m.

Security Bulletin: IBM MQ Appliance is affected by a denial of service vulnerability (CVE-2020-4869)

www.ibm.com

EPSS: 0.001 (percentile: 43.8%)

Summary

IBM MQ Appliance has resolved a denial of service vulnerability.

Vulnerability Details

CVEID: CVE-2020-4869
**DESCRIPTION:** IBM MQ Appliance is vulnerable to a denial of service, caused by a buffer overflow. A remote attacker could send a specially crafted SNMP query to cause the appliance to reload.
CVSS Base score: 5.3
CVSS Temporal Score: See: https://exchange.xforce.ibmcloud.com/vulnerabilities/190831 for the current score.
CVSS Vector: (CVSS:3.0/AV:N/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H)

Affected Products and Versions

| Affected Product(s) | Version(s) |
| --- | --- |
| IBM MQ Appliance | 9.2 CD |
| IBM MQ Appliance | 9.2 LTS |

Remediation/Fixes

This vulnerability is addressed by APAR IT34178.

IBM MQ Appliance 9.2 LTS

Apply fixpack 9.2.0.1, or later maintenance.

IBM MQ Appliance 9.2 CD

Apply interim fix firmware for APAR IT34178, or later maintenance.

Workarounds and Mitigations

None
