IBM MQ Appliance has resolved a denial of service vulnerability.
CVEID:CVE-2020-4869
**DESCRIPTION:**IBM MQ Appliance is vulnerable to a denial of service, caused by a buffer overflow. A remote attacker could send a specially crafted SNMP query to cause the appliance to reload.
CVSS Base score: 5.3
CVSS Temporal Score: See: https://exchange.xforce.ibmcloud.com/vulnerabilities/190831 for the current score.
CVSS Vector: (CVSS:3.0/AV:N/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H)
Affected Product(s) | Version(s) |
---|---|
IBM MQ Appliance | 9.2 CD |
IBM MQ Appliance | 9.2 LTS |
This vulnerability is addressed by APAR IT34178.
IBM MQ Appliance 9.2 LTS
Apply fixpack 9.2.0.1, or later maintenance.
IBM MQ Appliance 9.2 CD
Apply interim fix firmware for APAR IT34178, or later maintenance.
None