IBM MQ Appliance has resolved a denial of service vulnerability.
CVEID:CVE-2021-29843
**DESCRIPTION:**IBM MQ is vulnerable to a denial of service attack caused by an issue processing message properties.
CVSS Base score: 5.3
CVSS Temporal Score: See: https://exchange.xforce.ibmcloud.com/vulnerabilities/205203 for the current score.
CVSS Vector: (CVSS:3.0/AV:N/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H)
Affected Product(s) | Version(s) |
---|---|
IBM MQ Appliance | 9.1 LTS |
IBM MQ Appliance | 9.1 CD |
IBM MQ Appliance | 9.2 LTS |
IBM MQ Appliance | 9.2 CD |
This vulnerability is addressed under APAR IT35489.
IBM MQ Appliance version 9.1 LTS
Apply fixpack 9.1.0.9, or later firmware.
IBM MQ Appliance version 9.1 CD
Upgrade to 9.2.3 iFix IT35489, or later firmware.
IBM MQ Appliance version 9.2 LTS
Apply fixpack 9.2.0.3, or later firmware.
IBM MQ Appliance version 9.2 CD
Apply iFix IT35489, or later firmware.
None