CNVD-2020-17505 — Vulnetix

CNVD-2020-17505 PUBLISHED

IBM MQ（IBM WebSphere MQ）和IBM MQ Appliance都是美国IBM公司的产品。IBM MQ是一款消息传递中间件产品。该产品主要为面向服务的体系结构（SOA）提供可靠的、经过验证的消息传递主干网。IBM MQ Appliance是一款用于快速部署企业级消息中间件的一体机设备。 IBM MQ和IBM MQ Appliance中存在信息泄露漏洞，本地攻击者可利用该漏洞获取敏感信息。

Affected Products

Vendor	Product	Versions
	IBM MQ 8.0
	IBM MQ Appliance 8.0
	IBM MQ 9.1 LTS
	IBM MQ Appliance 9.1 LTS
	IBM IBM MQ 9.0 LTS
	IBM MQ 9.1 CD
	IBM MQ Appliance 9.1 CD

Timeline

Mar 17, 2020 CVE ID Reserved
Mar 18, 2020 CVE Published

References

https://www.ibm.com/blogs/psirt/security-bulletin-ibm-mq-and-ibm-mq-appliance-could-allow-a-local-attacker-to-obtain-sensitive-information-cve-2019-4719/ url
https://exchange.xforce.ibmcloud.com/vulnerabilities/172124 url

Open in Interactive Console →