CVE-2019-4227 is a vulnerability in IBM Mq
Published on October 4, 2019
IBM MQ 8.0.0.4 - 8.0.0.12, 9.0.0.0 - 9.0.0.6, 9.1.0.0 - 9.1.0.2, and 9.1.0 - 9.1.2 AMQP Listeners could allow an unauthorized user to conduct a session fixation attack due to clients not being disconnected as they should. IBM X-Force ID: 159352.
Products Associated with CVE-2019-4227
Want to know whenever a new CVE is published for IBM Mq? stack.watch will email you.
Affected Versions
IBM MQ:- Version 9.0.0.1 is affected.
- Version 8.0.0.4 is affected.
- Version 8.0.0.5 is affected.
- Version 8.0.0.6 is affected.
- Version 8.0.0.7 is affected.
- Version 9.0.0.2 is affected.
- Version 8.0.0.8 is affected.
- Version 8.0.0.9 is affected.
- Version 9.0.0.3 is affected.
- Version 8.0.0.10 is affected.
- Version 9.0.0.0 is affected.
- Version 9.0.0.4 is affected.
- Version 9.0.0.5 is affected.
- Version 9.1.0.0 is affected.
- Version 9.1.0.1 is affected.
- Version 9.1.1 is affected.
- Version 9.1.0.2 is affected.
- Version 9.1.2 is affected.
- Version 8.0.0.11 is affected.
- Version 9.0.0.6 is affected.
- Version 8.0.0.12 is affected.
Exploit Probability
EPSS
0.33%
Percentile
55.40%
EPSS (Exploit Prediction Scoring System) scores estimate the probability that a vulnerability will be exploited in the wild within the next 30 days. The percentile shows you how this score compares to all other vulnerabilities.