{"containers":{"cna":{"affected":[{"product":"MQ","vendor":"IBM","versions":[{"status":"affected","version":"8.0"},{"status":"affected","version":"9.0.LTS"},{"status":"affected","version":"9.1.LTS"},{"status":"affected","version":"9.1.CD"}]}],"datePublic":"2020-06-15T00:00:00.000Z","descriptions":[{"lang":"en","value":"IBM MQ Appliance and IBM MQ AMQP Channels 8.0, 9.0 LTS, 9.1 LTS, and 9.1 CD do not correctly block or allow clients based on the certificate distinguished name SSLPEER setting. IBM X-Force ID: 177403."}],"metrics":[{"cvssV3_0":{"attackComplexity":"HIGH","attackVector":"NETWORK","availabilityImpact":"HIGH","baseScore":5.3,"baseSeverity":"MEDIUM","confidentialityImpact":"NONE","exploitCodeMaturity":"UNPROVEN","integrityImpact":"NONE","privilegesRequired":"LOW","remediationLevel":"OFFICIAL_FIX","reportConfidence":"CONFIRMED","scope":"UNCHANGED","temporalScore":4.6,"temporalSeverity":"MEDIUM","userInteraction":"NONE","vectorString":"CVSS:3.0/AV:N/I:N/AC:H/S:U/PR:L/A:H/C:N/UI:N/RC:C/RL:O/E:U","version":"3.0"}}],"problemTypes":[{"descriptions":[{"description":"Denial of Service","lang":"en","type":"text"}]}],"providerMetadata":{"dateUpdated":"2020-06-16T13:45:21.000Z","orgId":"9a959283-ebb5-44b6-b705-dcc2bbced522","shortName":"ibm"},"references":[{"tags":["x_refsource_CONFIRM"],"url":"https://www.ibm.com/support/pages/node/5736885"},{"name":"ibm-mq-cve20204320-dos (177403)","tags":["vdb-entry","x_refsource_XF"],"url":"https://exchange.xforce.ibmcloud.com/vulnerabilities/177403"}],"x_legacyV4Record":{"CVE_data_meta":{"ASSIGNER":"psirt@us.ibm.com","DATE_PUBLIC":"2020-06-15T00:00:00","ID":"CVE-2020-4320","STATE":"PUBLIC"},"affects":{"vendor":{"vendor_data":[{"product":{"product_data":[{"product_name":"MQ","version":{"version_data":[{"version_value":"8.0"},{"version_value":"9.0.LTS"},{"version_value":"9.1.LTS"},{"version_value":"9.1.CD"}]}}]},"vendor_name":"IBM"}]}},"data_format":"MITRE","data_type":"CVE","data_version":"4.0","description":{"description_data":[{"lang":"eng","value":"IBM MQ Appliance and IBM MQ AMQP Channels 8.0, 9.0 LTS, 9.1 LTS, and 9.1 CD do not correctly block or allow clients based on the certificate distinguished name SSLPEER setting. IBM X-Force ID: 177403."}]},"impact":{"cvssv3":{"BM":{"A":"H","AC":"H","AV":"N","C":"N","I":"N","PR":"L","S":"U","UI":"N"},"TM":{"E":"U","RC":"C","RL":"O"}}},"problemtype":{"problemtype_data":[{"description":[{"lang":"eng","value":"Denial of Service"}]}]},"references":{"reference_data":[{"name":"https://www.ibm.com/support/pages/node/5736885","refsource":"CONFIRM","title":"IBM Security Bulletin 5736885 (MQ)","url":"https://www.ibm.com/support/pages/node/5736885"},{"name":"ibm-mq-cve20204320-dos (177403)","refsource":"XF","title":"X-Force Vulnerability Report","url":"https://exchange.xforce.ibmcloud.com/vulnerabilities/177403"}]}}},"adp":[{"providerMetadata":{"orgId":"af854a3a-2127-422b-91ae-364da2661108","shortName":"CVE","dateUpdated":"2024-08-04T08:00:07.371Z"},"title":"CVE Program Container","references":[{"tags":["x_refsource_CONFIRM","x_transferred"],"url":"https://www.ibm.com/support/pages/node/5736885"},{"name":"ibm-mq-cve20204320-dos (177403)","tags":["vdb-entry","x_refsource_XF","x_transferred"],"url":"https://exchange.xforce.ibmcloud.com/vulnerabilities/177403"}]}]},"cveMetadata":{"assignerOrgId":"9a959283-ebb5-44b6-b705-dcc2bbced522","assignerShortName":"ibm","cveId":"CVE-2020-4320","datePublished":"2020-06-16T13:45:21.961Z","dateReserved":"2019-12-30T00:00:00.000Z","dateUpdated":"2024-09-16T20:58:27.407Z","state":"PUBLISHED"},"dataType":"CVE_RECORD","dataVersion":"5.1"}