Security Bulletin: IBM MQ is vulnerable to an issue in IBM® Runtime Environment Java™ Technology Edition. (CVE-2020-14779)

2021-05-2018:03:12

www.ibm.com

ibm

runtime environment

java

cve-2020-14779

vulnerability

serialization

denial of service

fix pack

apar it35901

EPSS

0.003

Percentile

70.4%

JSON

Summary

An issue was identified within IBM® Runtime Environment Java™ Technology Edition that is shipped with and used by IBM MQ.

Vulnerability Details

CVEID:CVE-2020-14779
**DESCRIPTION:**An unspecified vulnerability in Java SE related to the Serialization component could allow an unauthenticated attacker to cause a denial of service resulting in a low availability impact using unknown attack vectors.
CVSS Base score: 3.7
CVSS Temporal Score: See: https://exchange.xforce.ibmcloud.com/vulnerabilities/190097 for the current score.
CVSS Vector: (CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:L)