CVE-2019-4655 MEDIUM

CVE-2019-4655

Vendor Ibm
Product MQ
Published December 30, 2019
Last update September 17, 2024

CVSS base score

4.3/10
Attack vector Network
Attack complexity Low
Privileges required Low
User interaction None
Confidentiality None
Integrity None

CVSS vector

CVSS:3.0/C:N/A:L/S:U/I:N/PR:L/AV:N/AC:L/UI:N/RC:C/E:U/RL:O

What the vulnerability does

01Description

IBM MQ 9.1.0.0, 9.1.0.1, 9.1.0.2, 9.1.0.3, 9.1.1, 9.1.2, and 9.1.3 is vulnerable to a denial of service attack that would allow an authenticated user to reset client connections due to an error within the Data Conversion routine. IBM X-Force ID: 170966.

Key dates

02Disclosure timeline

December 30, 2019 CVE published
September 17, 2024 Record updated