CVE-2020-4319
published 2020-07-28CVE-2020-4319: IBM MQ, IBM MQ Appliance, and IBM MQ for HPE NonStop 8.0, 9.1 LTS, and 9.1 CD could allow under special circumstances, an authenticated user to obtain…
medium4.3CVSS 3.1
AVNACLPRLUINSUCLINAN
IBM MQ, IBM MQ Appliance, and IBM MQ for HPE NonStop 8.0, 9.1 LTS, and 9.1 CD could allow under special circumstances, an authenticated user to obtain sensitive information due to a data leak from an error message within the pre-v7 pubsub logic. IBM X-Force ID: 177402.
Affected
6 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| ibm | mq_appliance | — | — |
| ibm | mq_appliance | — | — |
| ibm | mq_appliance | — | — |
| ibm | mq_appliance | >= 8.0 < 8.0.0.15 | 8.0.0.15 |
| ibm | mq_appliance | >= 9.1.0.0 < 9.1.0.6 | 9.1.0.6 |
| ibm | mq_appliance | >= 9.1.0.0 < 9.2.0.0 | 9.2.0.0 |