Trading Technologies Messaging has reported from security researchers.
TT Messaging (TTM) 7.x provides greatly improved performance, scalability, and logging capabilities due to extensive refactoring of the TTM API and Daemon. TTM 7.x is operationally identical to previous TTM releases: TTM continues to manage queues, provide subject resolution, and use the same application semantics/wire protocol as previous versions.
A vulnerability, which was classified as problematic, has been found in Trading Technologies Messaging 7.1.28.3.
The manipulation of the argument src as part of a Invalid Parameter leads to a denial of service vulnerability. Using CWE to declare the problem leads to CWE-404 . Impacted is availability.
The weakness was disclosed 09/02/2020. The advisory is shared for download at tenable.com . This vulnerability is handled as CVE-2020-5779 since 01/06/2020. There are known technical details, but no exploit is available.
This vulnerability is handled as CVE-2020-5779 since 01/06/2020. There are known technical details, but no exploit is available. Addressing this vulnerability is possible by firewall-ING TCP/10200.