Denial of Service Vulnerability in IBM MQ and IBM MQ Appliance
CVE-2020-4375

5.9MEDIUM

Key Information:

Vendor: IBM
Status: MQ Appliance
Vendor: CVE Published:; 28 July 2020

Summary

A vulnerability in IBM MQ and IBM MQ Appliance can lead to a denial of service due to a memory leak that occurs when creating a dynamic queue. This flaw may allow attackers to exploit the issue, potentially causing significant service disruptions and impairing the functionality of the affected products. Organizations using these versions should take immediate action to secure their deployments.

Affected Version(s)

MQ Appliance 8.0

MQ Appliance 9.1.LTS

MQ Appliance 9.1.CD

References

https://www.ibm.com/support/pages/node/6252785

x_refsource_CONFIRM

https://exchange.xforce.ibmcloud.com/vulnerabilities/179080

vdb-entryx_refsource_XF

CVSS V3.1

Score:

5.9

Severity:

MEDIUM

Confidentiality:

None

Integrity:

None

Availability:

None

Attack Vector:

Network

Attack Complexity:

High

Privileges Required:

None

User Interaction:

None

Scope:

Unchanged

Timeline

Vulnerability published
Jul 28, 2020
Vulnerability Reserved
Dec 30, 2019