CVE-2020-4465

Name of the Vulnerable Software and Affected Versions IBM MQ, IBM MQ Appliance, and IBM MQ for HPE NonStop versions 8.0, 9.1 CD, and 9.1 LTS

Description The issue is caused by an error within the channel processing code, leading to a buffer overflow vulnerability. A remote attacker could exploit this using an older client, potentially causing a denial of service.

Recommendations For versions 8.0, 9.1 CD, and 9.1 LTS, consider restricting access to the channel processing code as a temporary mitigation measure until a patch is available. At the moment, there is no information about a newer version that contains a fix for this vulnerability.