CNVD-2020-17502 — Vulnetix

CNVD-2020-17502 PUBLISHED

IBM MQ（IBM WebSphere MQ）和IBM MQ Appliance都是美国IBM公司的产品。IBM MQ是一款消息传递中间件产品。该产品主要为面向服务的体系结构（SOA）提供可靠的、经过验证的消息传递主干网。IBM MQ Appliance是一款用于快速部署企业级消息中间件的一体机设备。 IBM MQ Appliance和IBM MQ中存在拒绝服务漏洞，该漏洞源于在处理处理错误消息时出现错误，攻击者可利用该漏洞造成拒绝服务。

Affected Products

Vendor	Product	Versions
	IBM IBM MQ 9.0 LTS
	IBM MQ Appliance 9.1 CD
	IBM MQ Appliance 8.0
	IBM MQ 8.0
	IBM MQ Appliance 9.1 LTS
	IBM MQ 9.1 LTS
	IBM MQ 9.1 CD

Timeline

Mar 17, 2020 CVE ID Reserved
Mar 18, 2020 CVE Published

References

https://www.ibm.com/blogs/psirt/security-bulletin-ibm-mq-is-vulnerable-to-a-denial-of-service-attack-caused-by-an-error-processing-error-messages-cve-2019-4656/ url
https://vigilance.fr/vulnerability/IBM-MQ-denial-of-service-31785 url

Open in Interactive Console →