CVSS: 10.0EPSS: 3%CPEs: 47EXPL: 0CVE-2020-4682
https://notcve.org/view.php?id=CVE-2020-4682
28 Jan 2021 — IBM MQ 7.5, 8.0, 9.0, 9.1, 9.2 LTS, and 9.2 CD could allow a remote attacker to execute arbitrary code on the system, caused by an unsafe deserialization of trusted data. An attacker could exploit this vulnerability to execute arbitrary code on the system. IBM X-Force ID: 186509. IBM MQ versiones 7.5, 8.0, 9.0, 9.1, 9.2 LTS y 9.2 CD, podrían permitir a un atacante remoto ejecutar código arbitrario en el sistema, causado por una deserialización no segura de datos confiables. Un atacante podría explotar ... • https://exchange.xforce.ibmcloud.com/vulnerabilities/186509 • CWE-502: Deserialization of Untrusted Data •
CVSS: 6.5EPSS: 0%CPEs: 2EXPL: 0CVE-2020-4592
https://notcve.org/view.php?id=CVE-2020-4592
18 Nov 2020 — IBM MQ Appliance 9.1.CD and LTS could allow an authenticated user, under nondefault configuration to cause a data corruption attack due to an error when using segmented messages. IBM MQ Appliance versión 9.1.CD y LTS, podrían permitir a un usuario autenticado, bajo una configuración no predeterminada, causar un ataque de corrupción de datos debido a un error al utilizar mensajes segmentados • https://exchange.xforce.ibmcloud.com/vulnerabilities/184755 •
CVSS: 6.5EPSS: 0%CPEs: 9EXPL: 0CVE-2020-4320
https://notcve.org/view.php?id=CVE-2020-4320
16 Jun 2020 — IBM MQ Appliance and IBM MQ AMQP Channels 8.0, 9.0 LTS, 9.1 LTS, and 9.1 CD do not correctly block or allow clients based on the certificate distinguished name SSLPEER setting. IBM X-Force ID: 177403. IBM MQ Appliance e IBM MQ AMQP Channels versiones 8.0, 9.0 LTS, 9.1 LTS y 9.1 CD, no bloquean ni habilitan correctamente a los clientes basados en la configuración SSLPEER del nombre distinguido del certificado. IBM X-Force ID: 177403 • https://exchange.xforce.ibmcloud.com/vulnerabilities/177403 • CWE-295: Improper Certificate Validation •
CVSS: 7.5EPSS: 0%CPEs: 11EXPL: 0CVE-2020-4310
https://notcve.org/view.php?id=CVE-2020-4310
16 Jun 2020 — IBM MQ and MQ Appliance 7.1, 7.5, 8.0, 9.0 LTS, 9.1 LTS, and 9.1 C are vulnerable to a denial of service attack due to an error within the Data Conversion logic. IBM X-Force ID: 177081. IBM MQ y MQ Appliance versiones 7.1, 7.5, 8.0, 9.0 LTS, 9.1 LTS y versión 9.1 C, son vulnerables a un ataque de denegación de servicio debido a un error en la lógica de Conversión de Datos. ID de IBM X-Force: 177081 • https://exchange.xforce.ibmcloud.com/vulnerabilities/177081 •
CVSS: 6.5EPSS: 0%CPEs: 3EXPL: 0CVE-2020-4267
https://notcve.org/view.php?id=CVE-2020-4267
24 Apr 2020 — IBM MQ and MQ Appliance 8.0, 9.1 LTS, and 9.1 CD could allow an authenticated user cause a denial of service due to a memory leak. IBM X-Force ID: 175840. IBM MQ y MQ Appliance versiones 8.0, 9.1 LTS y 9.1 CD, podrían permitir a un usuario autenticado causar una denegación de servicio debido a una pérdida de la memoria. ID de IBM X-Force: 175840. • https://exchange.xforce.ibmcloud.com/vulnerabilities/175840 • CWE-401: Missing Release of Memory after Effective Lifetime •
CVSS: 5.5EPSS: 0%CPEs: 1EXPL: 0CVE-2020-4338
https://notcve.org/view.php?id=CVE-2020-4338
16 Apr 2020 — IBM MQ 9.1.4 could allow a local attacker to obtain sensitive information by inclusion of sensitive data within runmqras data. IBM X-Force ID: 177937. IBM MQ versión 9.1.4, podría permitir a un atacante local obtener información confidencial mediante la inclusión de datos confidenciales dentro de datos runmqras. IBM X-Force ID: 177937. • https://exchange.xforce.ibmcloud.com/vulnerabilities/177937 • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •
CVSS: 7.5EPSS: 0%CPEs: 3EXPL: 0CVE-2019-4762
https://notcve.org/view.php?id=CVE-2019-4762
16 Apr 2020 — IBM MQ 9.0 and 9.1 is vulnerable to a denial of service attack due to an error in the Channel processing function. IBM X-Force ID: 173625. IBM MQ versiones 9.0 y 9.1, es vulnerable a un ataque de denegación de servicio debido a un error en la función Channel processing. IBM X-Force ID: 173625. • https://exchange.xforce.ibmcloud.com/vulnerabilities/173625 •
CVSS: 5.5EPSS: 0%CPEs: 13EXPL: 0CVE-2019-4719
https://notcve.org/view.php?id=CVE-2019-4719
16 Mar 2020 — IBM MQ and IBM MQ Appliance 7.1, 7.5, 8.0, 9.0 LTS, 9.1 LTS, and 9.1 CD could allow a local attacker to obtain sensitive information by inclusion of sensitive data within runmqras data. IBM MQ e IBM MQ Appliance versiones 7.1, 7.5, 8.0, 9.0 LTS, 9.1 LTS y 9.1 CD, podrían permitir a un atacante local obtener información confidencial mediante la inclusión de datos confidenciales dentro de los datos runmqras. • https://exchange.xforce.ibmcloud.com/vulnerabilities/172124 •
CVSS: 6.5EPSS: 0%CPEs: 11EXPL: 0CVE-2019-4656
https://notcve.org/view.php?id=CVE-2019-4656
16 Mar 2020 — IBM MQ and IBM MQ Appliance 7.1, 7.5, 8.0, 9.0 LTS, 9.1 LTS, and 9.1 CD is vulnerable to a denial of service attack that would allow an authenticated user to crash the queue and require a restart due to an error processing error messages. IBM X-Force ID: 170967. IBM MQ e IBM MQ Appliance versiones 7.1, 7.5, 8.0, 9.0 LTS, 9.1 LTS y 9.1 CD, es vulnerable a un ataque de denegación de servicio que permitiría a un usuario autenticado bloquear la cola y requerir un reinicio debido a un fallo al procesar los mensa... • https://exchange.xforce.ibmcloud.com/vulnerabilities/170967 •
CVSS: 5.5EPSS: 0%CPEs: 13EXPL: 0CVE-2019-4619
https://notcve.org/view.php?id=CVE-2019-4619
16 Mar 2020 — IBM MQ and IBM MQ Appliance 7.1, 7.5, 8.0, 9.0 LTS, 9.1 LTS, and 9.1 CD could allow a local attacker to obtain sensitive information by inclusion of sensitive data within trace. IBM X-Force ID: 168862. IBM MQ e IBM MQ Appliance versiones 7.1, 7.5, 8.0, 9.0 LTS, 9.1 LTS y 9.1 CD, podrían permitir a un atacante local obtener información confidencial mediante la inclusión de datos confidenciales dentro de una traza. ID de IBM X-Force: 168862. • https://exchange.xforce.ibmcloud.com/vulnerabilities/168862 • CWE-209: Generation of Error Message Containing Sensitive Information •