CVE-2020-4319
3.1
CVSS:3.0/UI:N/I:N/PR:L/S:U/C:L/AC:H/A:N/AV:N/E:U/RC:C/RL:O
Summary
IBM MQ, IBM MQ Appliance, and IBM MQ for HPE NonStop 8.0, 9.1 LTS, and 9.1 CD could allow under special circumstances, an authenticated user to obtain sensitive information due to a data leak from an error message within the pre-v7 pubsub logic. IBM X-Force ID: 177402.
Affected Software
| Vendor | Product | Version Range | Status |
|---|---|---|---|
| IBM | MQ Appliance | 8.0 | affected |
| IBM | MQ Appliance | 9.1.LTS | affected |
| IBM | MQ Appliance | 9.1.CD | affected |
Weaknesses
- Obtain Information
ADP Enrichment
CVE Program Container
Additional References
- https://www.ibm.com/support/pages/node/6252777
- https://exchange.xforce.ibmcloud.com/vulnerabilities/177402
References
- https://www.ibm.com/support/pages/node/6252777
- https://exchange.xforce.ibmcloud.com/vulnerabilities/177402
Feedback
Was this page helpful?
Glad to hear it! Please tell us how we can improve.
Sorry to hear that. Please tell us how we can improve.