CVSS: 6.5EPSS: 0%CPEs: 3EXPL: 0CVE-2020-4465
https://notcve.org/view.php?id=CVE-2020-4465
IBM MQ, IBM MQ Appliance, and IBM MQ for HPE NonStop 8.0, 9.1 CD, and 9.1 LTS is vulnerable to a buffer overflow vulnerability due to an error within the channel processing code. A remote attacker could overflow the buffer using an older client and cause a denial of service. IBM X-Force ID: 181562. IBM MQ, IBM MQ Appliance e IBM MQ para HPE NonStop versiones 8.0, 9.1 CD y 9.1 LTS, es susceptible a una vulnerabilidad de desbordamiento de búfer debido a un error dentro del código de procesamiento de canal. Un atacante remoto podría desbordar el búfer usando un cliente antiguo y causar una denegación de servicio. • https://exchange.xforce.ibmcloud.com/vulnerabilities/181562 https://www.ibm.com/support/pages/node/6252783 • CWE-120: Buffer Copy without Checking Size of Input ('Classic Buffer Overflow') •
CVSS: 7.5EPSS: 0%CPEs: 3EXPL: 0CVE-2020-4375
https://notcve.org/view.php?id=CVE-2020-4375
IBM MQ, IBM MQ Appliance, IBM MQ for HPE NonStop 8.0, 9.1 CD, and 9.1 LTS could allow an attacker to cause a denial of service due to a memory leak caused by an error creating a dynamic queue. IBM X-Force ID: 179080. IBM MQ, IBM MQ Appliance, IBM MQ para HPE NonStop versiones 8.0, 9.1 CD y 9.1 LTS, podrían permitir a un atacante causar una denegación de servicio debido a una pérdida de memoria causada por un error al crear una cola dinámica. IBM X-Force ID: 179080 • https://exchange.xforce.ibmcloud.com/vulnerabilities/179080 https://www.ibm.com/support/pages/node/6252785 • CWE-401: Missing Release of Memory after Effective Lifetime •
CVSS: 4.3EPSS: 0%CPEs: 3EXPL: 0CVE-2020-4319
https://notcve.org/view.php?id=CVE-2020-4319
IBM MQ, IBM MQ Appliance, and IBM MQ for HPE NonStop 8.0, 9.1 LTS, and 9.1 CD could allow under special circumstances, an authenticated user to obtain sensitive information due to a data leak from an error message within the pre-v7 pubsub logic. IBM X-Force ID: 177402. IBM MQ, IBM MQ Appliance e IBM MQ for HPE NonStop 8.0, 9.1 LTS y 9.1 CD, podrían permitir en circunstancias especiales, a un usuario autenticado obtener información confidencial debido a una filtración de datos de un mensaje de error dentro de la lógica pre-v7 pubsub. IBM X-Force ID: 177402 • https://exchange.xforce.ibmcloud.com/vulnerabilities/177402 https://www.ibm.com/support/pages/node/6252777 • CWE-209: Generation of Error Message Containing Sensitive Information •
CVSS: 5.5EPSS: 0%CPEs: 13EXPL: 0CVE-2019-4719
https://notcve.org/view.php?id=CVE-2019-4719
IBM MQ and IBM MQ Appliance 7.1, 7.5, 8.0, 9.0 LTS, 9.1 LTS, and 9.1 CD could allow a local attacker to obtain sensitive information by inclusion of sensitive data within runmqras data. IBM MQ e IBM MQ Appliance versiones 7.1, 7.5, 8.0, 9.0 LTS, 9.1 LTS y 9.1 CD, podrían permitir a un atacante local obtener información confidencial mediante la inclusión de datos confidenciales dentro de los datos runmqras. • https://exchange.xforce.ibmcloud.com/vulnerabilities/172124 https://www.ibm.com/support/pages/node/1136608 •
CVSS: 6.5EPSS: 0%CPEs: 11EXPL: 0CVE-2019-4656
https://notcve.org/view.php?id=CVE-2019-4656
IBM MQ and IBM MQ Appliance 7.1, 7.5, 8.0, 9.0 LTS, 9.1 LTS, and 9.1 CD is vulnerable to a denial of service attack that would allow an authenticated user to crash the queue and require a restart due to an error processing error messages. IBM X-Force ID: 170967. IBM MQ e IBM MQ Appliance versiones 7.1, 7.5, 8.0, 9.0 LTS, 9.1 LTS y 9.1 CD, es vulnerable a un ataque de denegación de servicio que permitiría a un usuario autenticado bloquear la cola y requerir un reinicio debido a un fallo al procesar los mensajes de error. ID de IBM X-Force: 170967. • https://exchange.xforce.ibmcloud.com/vulnerabilities/170967 https://www.ibm.com/support/pages/node/1135095 •