Lucene search
IbmCVE-2024-25015HistoryMay 01, 2024 - 5:15 p.m.
CVE-2024-25015
2024-05-0117:15:29
CWE-406
ibm
web.nvd.nist.gov
37
ibm
mq
denial of service
http requests
remote user
nvd
CVSS3
7.5
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
NONE
Integrity Impact
NONE
Availability Impact
HIGH
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
AI Score
7.2
Confidence
High
EPSS
0
Percentile
9.0%
IBM MQ 9.2 LTS, 9.3 LTS, and 9.3 CD Internet Pass-Thru could allow a remote user to cause a denial of service by sending HTTP requests that would consume all available resources. IBM X-Force ID: 281278.
Affected configurations
Node
ibmmqMatch9.2lts
ORibmmqMatch9.3lts
ORibmmqMatch9.3continuous_delivery
CNA Affected
[
{
"defaultStatus": "unaffected",
"product": "MQ",
"vendor": "IBM",
"versions": [
{
"status": "affected",
"version": "9.2 LTS, 9.3 LTS, 9.3 CD"
}
]
}
]Related
nvd
nvd
CVE-2024-25015
2024-05-01 17:15:29
cvelist
cvelist
CVE-2024-25015 IBM MQ denial of service
2024-05-01 16:16:16
nessus
nessus
IBM MQ 9.2 <= 9.2.0.25 / 9.3 < 9.3.5 CD / 9.3 <= 9.3.0.17 DoS (7149583)
2024-04-26 00:00:00
ibm
ibm
vulnrichment
vulnrichment
CVE-2024-25015 IBM MQ denial of service
2024-05-01 16:16:16
veracode
veracode
Denial Of Service (DOS)
2024-05-02 10:22:58
CVSS3
7.5
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
NONE
Integrity Impact
NONE
Availability Impact
HIGH
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
AI Score
7.2
Confidence
High
EPSS
0
Percentile
9.0%
Related for CVE-2024-25015