Lucene search
IBMA8C7441FABFBB628D8B8E48CDB35AB805C41CF046B8C42EEA15D691CA9526A76HistoryJun 26, 2020 - 3:54 p.m.
Security Bulletin: IBM MQ is vulnerable to a denial of service attack due to an error within the Data Conversion logic. (CVE-2020-4310)
2020-06-2615:54:37
www.ibm.com
14
EPSS
0.001
Percentile
30.9%
Summary
An issue was found within the data conversion logic that could cause a SIGSEGV and denial of service.
Vulnerability Details
CVEID:CVE-2020-4310
**DESCRIPTION:**IBM MQ and MQ Appliance 7.1, 7.5, 8.0, 9.0 LTS, 9.1 LTS, and 9.1 CD are vulnerable to a denial of service attack due to an error within the Data Conversion logic. IBM X-Force ID: 177081.
CVSS Base score: 5.9
CVSS Temporal Score: See: https://exchange.xforce.ibmcloud.com/vulnerabilities/177081 for the current score.
CVSS Vector: (CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H)
Affected Products and Versions
| Affected Product(s) | Version(s) |
|---|---|
| IBM MQ Appliance | 8.0 |
| IBM MQ Appliance | 9.1 LTS |
| IBM MQ Appliance | 9.1 CD |
Remediation/Fixes
IBM MQ Appliance 8
Apply FixPack 8.0.0.15
IBM MQ Appliance 9.1 LTS
Apply FixPack 9.1.0.5
IBM MQ Appliance 9.1 CD
Apply FixPack 9.1.5
Workarounds and Mitigations
None
Related
ibm
ibm
Security Bulletin: IBM MQ for HPE NonStop Server is affected by vulnerability CVE-2020-4310
2020-06-30 19:39:55
Security Bulletin: IBM MQ is vulnerable to a denial of service attack due to an error within the Data Conversion logic. (CVE-2020-4310)
2020-09-24 10:55:33
Security Bulletin: Multiple IBM MQ Vulnerabilities Affect IBM Control Center
2021-05-14 21:31:03
veracode
veracode
Denial Of Service (DoS)
2022-02-16 06:39:53
cvelist
cvelist
CVE-2020-4310
2020-06-16 13:45:21
nessus
nessus
cve
cve
CVE-2020-4310
2020-06-16 14:15:11
prion
prion
Code injection
2020-06-16 14:15:00
nvd
nvd
CVE-2020-4310
2020-06-16 14:15:11
EPSS
0.001
Percentile
30.9%
Related for A8C7441FABFBB628D8B8E48CDB35AB805C41CF046B8C42EEA15D691CA9526A76