Denial of Service Vulnerability in IBM MQ for HPE NonStop
CVE-2020-4466

6.5MEDIUM

Key Information:

Vendor: IBM
Status: MQ For HP Nonstop
Vendor: CVE Published:; 20 July 2020

Summary

IBM MQ for HPE NonStop versions 8.0.4 and 8.1.0 have a vulnerability that could be exploited by remote authenticated attackers to cause a denial of service. This issue arises from an error within the queue processing function, potentially leading to interrupted services. Organizations using these versions are urged to assess their risk and apply relevant patches or mitigations.

Affected Version(s)

MQ for HPE NonStop 8.1.0

MQ for HPE NonStop 8.0.4

References

https://www.ibm.com/support/pages/node/6250473

x_refsource_CONFIRM

https://exchange.xforce.ibmcloud.com/vulnerabilities/181563

vdb-entryx_refsource_XF

CVSS V3.1

Score:

6.5

Severity:

MEDIUM

Confidentiality:

None

Integrity:

None

Availability:

None

Attack Vector:

Network

Attack Complexity:

Low

Privileges Required:

Low

User Interaction:

None

Scope:

Unchanged

Timeline

Vulnerability published
Jul 20, 2020
Vulnerability Reserved
Dec 30, 2019