Denial of Service Vulnerability in IBM MQ and IBM MQ Appliance
CVE-2020-4376

5.3MEDIUM

Key Information:

Vendor: IBM
Status: MQ For HP Nonstop
Vendor: CVE Published:; 1 July 2020

What is CVE-2020-4376?

A vulnerability in IBM MQ and IBM MQ Appliance can allow an attacker to exploit an error in the publish/subscribe logic, potentially causing a denial of service. This issue impacts specific versions of the software, making it crucial for users to apply updates and ensure their systems remain protected against potential attacks that leverage this weakness.

Affected Version(s)

MQ for HPE NonStop 8.1.0

MQ for HPE NonStop 8.0.4

References

https://www.ibm.com/support/pages/node/6242364

x_refsource_CONFIRM

https://exchange.xforce.ibmcloud.com/vulnerabilities/179081

vdb-entryx_refsource_XF

CVSS V3.1

Score:

5.3

Severity:

MEDIUM

Confidentiality:

None

Integrity:

None

Availability:

None

Attack Vector:

Network

Attack Complexity:

High

Privileges Required:

Low

User Interaction:

None

Scope:

Unchanged

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
Jul 1, 2020
Vulnerability Reserved
Dec 30, 2019