Lucene search
IBM85CF4213CF1B54F3F1A705484A5974C15D5DBE7A1C17A611A5C6C7560D4E8692HistoryAug 24, 2020 - 5:48 p.m.
Security Bulletin: IBM MQ for HPE NonStop Server is affected by vulnerability CVE-2020-4319
2020-08-2417:48:42
www.ibm.com
8
EPSS
0
Percentile
10.3%
Summary
IBM MQ for HPE NonStop Server is affected by vulnerability CVE-2020-4319
Vulnerability Details
CVEID:CVE-2020-4319
**DESCRIPTION:**IBM MQ, IBM MQ Appliance, and IBM MQ for HPE NonStop 8.0, 9.1 LTS, and 9.1 CD could allow under special circumstances, an authenticated user to obtain sensitive information due to a data leak from an error message within the pre-v7 pubsub logic. IBM X-Force ID: 177402.
CVSS Base score: 3.1
CVSS Temporal Score: See: https://exchange.xforce.ibmcloud.com/vulnerabilities/177402 for the current score.
CVSS Vector: (CVSS:3.0/AV:N/AC:H/PR:L/UI:N/S:U/C:L/I:N/A:N)
Affected Products and Versions
| Affected Product(s) | Version(s) |
|---|---|
| IBM MQ for HPE NonStop | 8.1.0 |
| IBM MQ for HPE NonStop | 8.0.4 |
Remediation/Fixes
| IBM MQ V8 for HPE NonStop | 8.1.0.6 | IT31787 | Install Fixpack 8.1.0.6 |
|---|
Workarounds and Mitigations
None
Related
veracode
veracode
Information Disclosure
2022-02-16 06:59:50
cvelist
cvelist
CVE-2020-4319
2020-07-28 12:05:26
nvd
nvd
CVE-2020-4319
2020-07-28 12:15:12
prion
prion
Information disclosure
2020-07-28 12:15:00
ibm
ibm
nessus
nessus
cve
cve
CVE-2020-4319
2020-07-28 12:15:12
EPSS
0
Percentile
10.3%
Related for 85CF4213CF1B54F3F1A705484A5974C15D5DBE7A1C17A611A5C6C7560D4E8692