cbcvebase.
CVE-2020-4938
published 2021-07-12

CVE-2020-4938: IBM MQ Appliance 9.1 and 9.2 is vulnerable to cross-site request forgery which could allow an attacker to execute malicious and unauthorized actions…

high8.8CVSS 3.1
AVNACLPRNUIRSUCHIHAH
IBM MQ Appliance 9.1 and 9.2 is vulnerable to cross-site request forgery which could allow an attacker to execute malicious and unauthorized actions transmitted from a user that the website trusts. IBM X-Force ID: 191815.

Affected

14 ranges
VendorProductVersion rangeFixed in
ibmmq_appliance
ibmmq_appliance
ibmmq_appliance>= 9.1 < 9.2.29.2.2
ibmmq_appliance>= 9.1.0.0 < 9.1.0.89.1.0.8
ibmmq_appliance>= 9.2.0.0 < 9.2.0.29.2.0.2
msrcmicrosoft_365_apps_for_enterprise_for_32-bit_systems
msrcmicrosoft_365_apps_for_enterprise_for_64-bit_systems
msrcmicrosoft_office_2010_service_pack_2
msrcmicrosoft_office_2019_for_32-bit_editions
msrcmicrosoft_office_2019_for_64-bit_editions
msrcmicrosoft_word_2010_service_pack_2
msrcmicrosoft_word_2013_rt_service_pack_1
msrcmicrosoft_word_2013_service_pack_1
msrcmicrosoft_word_2016