Sign-up

ID

VAR-202111-0183


CVE

CVE-2021-29843


TITLE

IBM MQ Security hole

Trust: 0.6

sources: CNNVD: CNNVD-202111-472

DESCRIPTION

IBM MQ 9.1 LTS, 9.1 CD, 9.2 LTS, and 9.2CD is vulnerable to a denial of service attack caused by an issue processing message properties. IBM X-Force ID: 205203.

Trust: 1.0

sources: NVD: CVE-2021-29843

AFFECTED PRODUCTS

vendor:ibmmodel:mq appliancescope:gteversion:9.1.0.0

Trust: 1.0

vendor:ibmmodel:mq appliancescope:ltversion:9.2.3

Trust: 1.0

vendor:ibmmodel:mq appliancescope:ltversion:9.1.0.9

Trust: 1.0

vendor:ibmmodel:mq appliancescope:gteversion:9.2.0.0

Trust: 1.0

vendor:ibmmodel:mq appliancescope:ltversion:9.2.0.3

Trust: 1.0

sources: NVD: CVE-2021-29843

CVSS

SEVERITY

CVSSV2

CVSSV3

NVD: CVE-2021-29843
value: MEDIUM

Trust: 1.0

CNNVD: CNNVD-202111-472
value: MEDIUM

Trust: 0.6

NVD: CVE-2021-29843
severity: MEDIUM
baseScore: 4.0
vectorString: AV:N/AC:L/AU:S/C:N/I:N/A:P
accessVector: NETWORK
accessComplexity: LOW
authentication: SINGLE
confidentialityImpact: NONE
integrityImpact: NONE
availabilityImpact: PARTIAL
exploitabilityScore: 8.0
impactScore: 2.9
acInsufInfo: FALSE
obtainAllPrivilege: FALSE
obtainUserPrivilege: FALSE
obtainOtherPrivilege: FALSE
userInteractionRequired: FALSE
version: 2.0

Trust: 1.0

NVD: CVE-2021-29843
baseSeverity: MEDIUM
baseScore: 6.5
vectorString: CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
attackVector: NETWORK
attackComplexity: LOW
privilegesRequired: LOW
userInteraction: NONE
scope: UNCHANGED
confidentialityImpact: NONE
integrityImpact: NONE
availabilityImpact: HIGH
exploitabilityScore: 2.8
impactScore: 3.6
version: 3.1

Trust: 1.0

sources: CNNVD: CNNVD-202111-472 // NVD: CVE-2021-29843

PROBLEMTYPE DATA

problemtype:NVD-CWE-noinfo

Trust: 1.0

sources: NVD: CVE-2021-29843

THREAT TYPE

remote

Trust: 0.6

sources: CNNVD: CNNVD-202111-472

TYPE

other

Trust: 0.6

sources: CNNVD: CNNVD-202111-472

CONFIGURATIONS

sources:
            
            
            NVD: CVE-2021-29843

PATCH
title:IBM MQ Security vulnerabilitiesurl:http://www.cnnvd.org.cn/web/xxk/bdxqbyid.tag?id=168795
Trust: 0.6
sources:
            
            
            CNNVD: CNNVD-202111-472

EXTERNAL IDS
db:NVDid:CVE-2021-29843
Trust: 1.6
db:AUSCERTid:ESB-2021.3710
Trust: 0.6
db:AUSCERTid:ESB-2021.3959
Trust: 0.6
db:CNNVDid:CNNVD-202111-472
Trust: 0.6
sources:
            
            
            CNNVD: CNNVD-202111-472 // 
            
            
            
            NVD: CVE-2021-29843

REFERENCES
url:https://www.ibm.com/support/pages/node/6513681
Trust: 2.2
url:https://exchange.xforce.ibmcloud.com/vulnerabilities/205203
Trust: 1.6
url:https://www.auscert.org.au/bulletins/esb-2021.3710
Trust: 0.6
url:https://nvd.nist.gov/vuln/detail/cve-2021-29843
Trust: 0.6
url:https://vigilance.fr/vulnerability/ibm-mq-denial-of-service-via-message-properties-36821
Trust: 0.6
url:https://www.auscert.org.au/bulletins/esb-2021.3959
Trust: 0.6
sources:
            
            
            CNNVD: CNNVD-202111-472 // 
            
            
            
            NVD: CVE-2021-29843

SOURCES
db:CNNVDid:CNNVD-202111-472
db:NVDid:CVE-2021-29843

LAST UPDATE DATE
2022-05-04T08:32:45.325000+00:00

SOURCES UPDATE DATE
db:CNNVDid:CNNVD-202111-472date:2021-11-23T00:00:00
db:NVDid:CVE-2021-29843date:2021-11-10T02:43:00

SOURCES RELEASE DATE
db:CNNVDid:CNNVD-202111-472date:2021-11-05T00:00:00
db:NVDid:CVE-2021-29843date:2021-11-08T17:15:00