Medium Severity

Security Bulletin: IBM MQ is vulnerable to a denial of service attack caused by an error processing messages. (CVE-2021-38875)

Share this post:

An issue was identified with IBM MQ error message processing code that could allow an attacker to execute a denial of service attack.

CVE(s): CVE-2021-38875

Affected product(s) and affected version(s):

Affected Product(s) Version(s)
IBM MQ 9.1 LTS
IBM MQ 9.0 LTS
IBM MQ 8.0
IBM MQ 9.2 CD
IBM MQ 9.1 CD
IBM MQ 9.2 LTS

Refer to the following reference URLs for remediation and additional vulnerability details:  
Source Bulletin: https://www.ibm.com/support/pages/node/6517672
X-Force Database: https://exchange.xforce.ibmcloud.com/vulnerabilities/208398

More stories

Security Bulletin: IBM Watson Discovery for IBM Cloud Pak for Data affected by vulnerability in Spring

Jan 16, 2022 7:00 pm EST | Medium Severity

IBM Watson Discovery for IBM Cloud Pak for Data contains a vulnerable version of Spring. ...read more


Security Bulletin: Cross-site scripting vulnerability affects IBM Business Automation Workflow and IBM Business Process Manager (BPM) – CVE-2020-4516

Jan 15, 2022 7:00 pm EST | Medium Severity

IBM Business Process Manager and IBM Business Automation Workflow are vulnerable to a cross-site scripting attack. ...read more


Security Bulletin: Publicly disclosed vulnerability vulnerability in GNU binutils affects IBM Netezza Analytics for NPS

Jan 14, 2022 7:06 pm EST | Medium Severity

GNU binutils is used by IBM Netezza Analytics for NPS. IBM Netezza Analytics for NPS has addressed the applicable CVE by upgrading GNU binutils to version 2.37. ...read more