IBM MQ Appliance has resolved a buffer overflow vulnerability.
CVEID:CVE-2020-4465
**DESCRIPTION:**IBM MQ, IBM MQ Appliance, and IBM MQ for HPE NonStop are vulnerable to a buffer overflow vulnerability due to an error within the channel processing code. A remote attacker could overflow the buffer using an older client and cause a denial of service.
CVSS Base score: 5.3
CVSS Temporal Score: See: https://exchange.xforce.ibmcloud.com/vulnerabilities/181562 for the current score.
CVSS Vector: (CVSS:3.0/AV:N/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H)
Affected Product(s) | Version(s) |
---|---|
IBM MQ Appliance | 8.0 |
IBM MQ Appliance | 9.1 LTS |
IBM MQ Appliance | 9.1 CD |
IBM MQ Appliance 8.0
Apply fixpack 8.0.0.15, or later.
IBM MQ Appliance 9.1 LTS
Apply fixpack 9.1.0.6, or later.
IBM MQ Appliance 9.1 CD
Apply IBM MQ Appliance 9.2, or later.
None