CVE-2020-4320
5.3
CVSS:3.0/AV:N/I:N/AC:H/S:U/PR:L/A:H/C:N/UI:N/RC:C/RL:O/E:U
Summary
IBM MQ Appliance and IBM MQ AMQP Channels 8.0, 9.0 LTS, 9.1 LTS, and 9.1 CD do not correctly block or allow clients based on the certificate distinguished name SSLPEER setting. IBM X-Force ID: 177403.
Affected Software
| Vendor | Product | Version Range | Status |
|---|---|---|---|
| IBM | MQ | 8.0 | affected |
| IBM | MQ | 9.0.LTS | affected |
| IBM | MQ | 9.1.LTS | affected |
| IBM | MQ | 9.1.CD | affected |
Weaknesses
- Denial of Service
ADP Enrichment
CVE Program Container
Additional References
- https://www.ibm.com/support/pages/node/5736885
- https://exchange.xforce.ibmcloud.com/vulnerabilities/177403
References
- https://www.ibm.com/support/pages/node/5736885
- https://exchange.xforce.ibmcloud.com/vulnerabilities/177403
Feedback
Was this page helpful?
Glad to hear it! Please tell us how we can improve.
Sorry to hear that. Please tell us how we can improve.