CVE-2024-51470
Last modified
CVE-2024-51470 is a medium-severity vulnerability rated 6.5/10 on the CVSS scale. IBM MQ 9.1 LTS, 9.2 LTS, 9.3 LTS, 9.3 CD, 9.4 LTS, 9.4 CD, IBM MQ Appliance 9.3 LTS, 9.3 CD, 9.4 LTS, and IBM MQ for HPE NonStop 8.1.0 through 8.1.0.25 could allow an authenticated user to cause a denial-of-service due to messages with improperly set values.. EPSS estimates a 0.49% chance of exploitation in the next 30 days.
Description
IBM MQ 9.1 LTS, 9.2 LTS, 9.3 LTS, 9.3 CD, 9.4 LTS, 9.4 CD, IBM MQ Appliance 9.3 LTS, 9.3 CD, 9.4 LTS, and IBM MQ for HPE NonStop 8.1.0 through 8.1.0.25 could allow an authenticated user to cause a denial-of-service due to messages with improperly set values.
Metrics
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
Weakness Enumeration
Affected Software
| Vendor | Product | Versions |
|---|---|---|
| Ibm | Mq Appliance | >= 9.1.0.0, < 9.1.0.26 |
| Ibm | Mq Appliance | >= 9.2.0.0, < 9.2.0.30 |
| Ibm | Mq Appliance | >= 9.3.0.0, < 9.3.0.26 |
| Ibm | Mq Appliance | >= 9.4.0.0, < 9.4.0.7 |
| Ibm | Mq For Hpe Nonstop | >= 8.1.0, < 8.1.0.26 |
References
- https://www.ibm.com/support/pages/node/7177593Vendor Advisory
- https://www.ibm.com/support/pages/node/7178085Vendor Advisory
- https://www.ibm.com/support/pages/node/7179137Vendor Advisory
Timeline
- Published
- Last Modified
- Status
- Analyzed
Frequently Asked Questions
What is CVE-2024-51470?
How severe is CVE-2024-51470?
How do I fix CVE-2024-51470?
Are you affected by CVE-2024-51470?
Run a free Strix scan to check your systems for this vulnerability.
Scan your code nowSource: NVD / NIST