Denial of Service Vulnerability in IBM MQ Appliance Software
CVE-2020-4869

5.3MEDIUM

Key Information:

Vendor: IBM
Status: MQ Appliance
Vendor: CVE Published:; 11 January 2021

Summary

The IBM MQ Appliance 9.2 CD and 9.2 LTS are susceptible to a denial of service attack due to a buffer overflow vulnerability. This flaw allows remote attackers to send specially crafted SNMP queries, which may result in the appliance reloading unexpectedly, leading to potential service disruption. It is crucial for users of affected versions to apply the necessary security updates to protect their systems effectively.

Affected Version(s)

MQ Appliance 9.2.0.0

MQ Appliance 9.2.1

References

https://www.ibm.com/support/pages/node/6398791

x_refsource_CONFIRM

https://exchange.xforce.ibmcloud.com/vulnerabilities/190831

vdb-entryx_refsource_XF

CVSS V3.1

Score:

5.3

Severity:

MEDIUM

Confidentiality:

None

Integrity:

None

Availability:

None

Attack Vector:

Network

Attack Complexity:

High

Privileges Required:

Low

User Interaction:

None

Scope:

Unchanged

Timeline

Vulnerability published
Jan 11, 2021
Vulnerability Reserved
Dec 30, 2019