Privilege Escalation Vulnerability in IBM MQ for HPE NonStop
CVE-2020-4352

4.9MEDIUM

Key Information:

Vendor
IBM
Vendor
CVE Published:
29 May 2020

Summary

IBM MQ running on HPE NonStop versions 8.0.4 and 8.1.0 can be exploited due to a privilege escalation vulnerability when operating in restricted mode. This flaw allows an attacker to gain elevated permissions, potentially compromising the security of the system. Users are advised to implement the available patches and mitigation strategies to safeguard their installations against potential exploits.

Affected Version(s)

MQ for HPE NonStop 8.1.0

MQ for HPE NonStop 8.0.4

References

CVSS V3.1

Score:
4.9
Severity:
MEDIUM
Confidentiality:
Low
Integrity:
Low
Availability:
Low
Attack Vector:
Local
Attack Complexity:
High
Privileges Required:
None
User Interaction:
None
Scope:
Unchanged

Timeline

  • Vulnerability published

  • Vulnerability Reserved

.