← back
CVE-2024-51470

IBM MQ denial of service

CVSS 6.5 MEDIUMEPSS 0.5%CWE-754
Vexday Risk Score
13Low
SSVC decision (CISA)
Track
No exploitation signal → monitor
CVSS 6.5EPSS 0.5%KEV nãoPoC Nuclei Metasploit Patch referenciado
Lifecycle
18 Dec 2024Published on NVD
Recommendation: Monitor — no exploitation signal at the moment.
IBM MQ 9.1 LTS, 9.2 LTS, 9.3 LTS, 9.3 CD, 9.4 LTS, 9.4 CD, IBM MQ Appliance 9.3 LTS, 9.3 CD, 9.4 LTS, and IBM MQ for HPE NonStop 8.1.0 through 8.1.0.25 could allow an authenticated user to cause a denial-of-service due to messages with improperly set values.
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
Affected products
IBM · MQIBM · MQ ApplianceIBM · MQ for HPE NonStop

Want to know if your infrastructure is exposed to this?

Talk to TrueHacking →
References
https://www.ibm.com/support/pages/node/7177593https://www.ibm.com/support/pages/node/7178085https://www.ibm.com/support/pages/node/7179137