CVSS: 6.5EPSS: 0%CPEs: 9EXPL: 0CVE-2020-4320
https://notcve.org/view.php?id=CVE-2020-4320
IBM MQ Appliance and IBM MQ AMQP Channels 8.0, 9.0 LTS, 9.1 LTS, and 9.1 CD do not correctly block or allow clients based on the certificate distinguished name SSLPEER setting. IBM X-Force ID: 177403. IBM MQ Appliance e IBM MQ AMQP Channels versiones 8.0, 9.0 LTS, 9.1 LTS y 9.1 CD, no bloquean ni habilitan correctamente a los clientes basados en la configuración SSLPEER del nombre distinguido del certificado. IBM X-Force ID: 177403 • https://exchange.xforce.ibmcloud.com/vulnerabilities/177403 https://www.ibm.com/support/pages/node/5736885 • CWE-295: Improper Certificate Validation •
CVSS: 7.5EPSS: 0%CPEs: 11EXPL: 0CVE-2020-4310
https://notcve.org/view.php?id=CVE-2020-4310
IBM MQ and MQ Appliance 7.1, 7.5, 8.0, 9.0 LTS, 9.1 LTS, and 9.1 C are vulnerable to a denial of service attack due to an error within the Data Conversion logic. IBM X-Force ID: 177081. IBM MQ y MQ Appliance versiones 7.1, 7.5, 8.0, 9.0 LTS, 9.1 LTS y versión 9.1 C, son vulnerables a un ataque de denegación de servicio debido a un error en la lógica de Conversión de Datos. ID de IBM X-Force: 177081 • https://exchange.xforce.ibmcloud.com/vulnerabilities/177081 https://www.ibm.com/support/pages/node/6223914 •
CVSS: 6.5EPSS: 0%CPEs: 3EXPL: 0CVE-2020-4267
https://notcve.org/view.php?id=CVE-2020-4267
IBM MQ and MQ Appliance 8.0, 9.1 LTS, and 9.1 CD could allow an authenticated user cause a denial of service due to a memory leak. IBM X-Force ID: 175840. IBM MQ y MQ Appliance versiones 8.0, 9.1 LTS y 9.1 CD, podrían permitir a un usuario autenticado causar una denegación de servicio debido a una pérdida de la memoria. ID de IBM X-Force: 175840. • https://exchange.xforce.ibmcloud.com/vulnerabilities/175840 https://www.ibm.com/support/pages/node/6195384 • CWE-401: Missing Release of Memory after Effective Lifetime •
CVSS: 5.5EPSS: 0%CPEs: 1EXPL: 0CVE-2020-4338
https://notcve.org/view.php?id=CVE-2020-4338
IBM MQ 9.1.4 could allow a local attacker to obtain sensitive information by inclusion of sensitive data within runmqras data. IBM X-Force ID: 177937. IBM MQ versión 9.1.4, podría permitir a un atacante local obtener información confidencial mediante la inclusión de datos confidenciales dentro de datos runmqras. IBM X-Force ID: 177937. • https://exchange.xforce.ibmcloud.com/vulnerabilities/177937 https://www.ibm.com/support/pages/node/6172539 • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •
CVSS: 7.5EPSS: 0%CPEs: 3EXPL: 0CVE-2019-4762
https://notcve.org/view.php?id=CVE-2019-4762
IBM MQ 9.0 and 9.1 is vulnerable to a denial of service attack due to an error in the Channel processing function. IBM X-Force ID: 173625. IBM MQ versiones 9.0 y 9.1, es vulnerable a un ataque de denegación de servicio debido a un error en la función Channel processing. IBM X-Force ID: 173625. • https://exchange.xforce.ibmcloud.com/vulnerabilities/173625 https://www.ibm.com/support/pages/node/4832931 •