CVE-2024-51470

Summary

IBM MQ 9.1 LTS, 9.2 LTS, 9.3 LTS, 9.3 CD, 9.4 LTS, 9.4 CD, IBM MQ Appliance 9.3 LTS, 9.3 CD, 9.4 LTS, and IBM MQ for HPE NonStop 8.1.0 through 8.1.0.25 could allow an authenticated user to cause a denial-of-service due to messages with improperly set values.

Affected Software

VendorProductVersion RangeStatus
IBMMQ9.1 LTS, 9.2 LTS, 9.3 LTS, 9.3 CD, 9.4 LTS, 9.4 CDaffected
IBMMQ Appliance9.3 LTS, 9.3 CD, 9.4 LTSaffected
IBMMQ for HPE NonStop8.1.0 <= 8.1.0.25affected

Weaknesses

  • CWE-754: CWE-754 Improper Check for Unusual or Exceptional Conditions

ADP Enrichment

CISA ADP Vulnrichment

  • SSVC:
  • Exploitation: none
    • Automatable: no
    • Technical Impact: partial

References