CVE-2020-4682
8.1
CVSS:3.0/AC:H/I:H/S:U/C:H/UI:N/A:H/AV:N/PR:N/RL:O/RC:C/E:U
Summary
IBM MQ 7.5, 8.0, 9.0, 9.1, 9.2 LTS, and 9.2 CD could allow a remote attacker to execute arbitrary code on the system, caused by an unsafe deserialization of trusted data. An attacker could exploit this vulnerability to execute arbitrary code on the system. IBM X-Force ID: 186509.
Affected Software
| Vendor | Product | Version Range | Status |
|---|---|---|---|
| IBM | MQ | 8.0.0 | affected |
| IBM | MQ | 9.0.0 | affected |
| IBM | MQ | 9.1.0 | affected |
| IBM | MQ | 7.5.0 | affected |
| IBM | MQ | 9.2.0 | affected |
Weaknesses
- Gain Access
ADP Enrichment
CVE Program Container
Additional References
- https://www.ibm.com/support/pages/node/6408626
- https://exchange.xforce.ibmcloud.com/vulnerabilities/186509
References
- https://www.ibm.com/support/pages/node/6408626
- https://exchange.xforce.ibmcloud.com/vulnerabilities/186509
Feedback
Was this page helpful?
Glad to hear it! Please tell us how we can improve.
Sorry to hear that. Please tell us how we can improve.