IBM MQ Appliance has resolved an information disclosure vulnerability.
CVEID:CVE-2020-4528
**DESCRIPTION:**IBM MQ Appliance could allow a local user, under special conditions, to obtain highly sensitive information from log files.
CVSS Base score: 5.9
CVSS Temporal Score: See: https://exchange.xforce.ibmcloud.com/vulnerabilities/182658 for the current score.
CVSS Vector: (CVSS:3.0/AV:L/AC:H/PR:N/UI:N/S:C/C:H/I:N/A:N)
Affected Product(s) | Version(s) |
---|---|
IBM MQ Appliance | 9.1 LTS |
IBM MQ Appliance | 9.2 |
IBM MQ Appliance | 9.1 CD |
IBM MQ Appliance 9.1 LTS
Apply iFix IT33097, or later maintenance
IBM MQ Appliance 9.1 CD
Upgrade to 9.2.0.1 LTS Fixpack, or later maintenance*
IBM MQ Appliance 9.2
Apply 9.2.0.1 LTS Fixpack, or later maintenance
None