CVE-2024-39724 IBM Db2 Big SQL on Cloud Pak for Data is vulnerable to a denial of service due to lack of throttling on an API

🗓️ 04 Feb 2026 20:52:21Reported by ibmType

Authenticated user with internal knowledge can cause denial of service via API throttling in Db2 Big SQL on Cloud Pak Data.

Reporter	Title	Published	Views	Family All 10
IBM Security Bulletins	Security Bulletin: IBM Db2 Big SQL on Cloud Pak for Data is vulnerable to a denial of service due to lack of throttling on an API	23 Jan 202612:37	–	ibm
ATTACKERKB	CVE-2024-39724	4 Feb 202620:52	–	attackerkb
CNNVD	IBM Db2 Big SQL on Cloud Pak for Data 安全漏洞	4 Feb 202600:00	–	cnnvd
CNVD	IBM Db2 Big SQL on Cloud Pak for Data Resource Management Error Vulnerability	11 Feb 202600:00	–	cnvd
CVE	CVE-2024-39724	4 Feb 202620:52	–	cve
EUVD	EUVD-2024-55395	4 Feb 202620:52	–	euvd
NVD	CVE-2024-39724	4 Feb 202621:15	–	nvd
Positive Technologies	PT-2026-5865	4 Feb 202600:00	–	ptsecurity
RedhatCVE	CVE-2024-39724	6 Feb 202601:25	–	redhatcve
Vulnrichment	CVE-2024-39724 IBM Db2 Big SQL on Cloud Pak for Data is vulnerable to a denial of service due to lack of throttling on an API	4 Feb 202620:52	–	vulnrichment

[
  {
    "cpes": [
      "cpe:2.3:a:ibm:big_sql:7.6:*:*:*:*:*:*:*",
      "cpe:2.3:a:ibm:big_sql:7.7:*:*:*:*:*:*:*",
      "cpe:2.3:a:ibm:big_sql:7.8:*:*:*:*:*:*:*"
    ],
    "product": "Db2 Big SQL on Cloud Pak for Data",
    "vendor": "IBM",
    "versions": [
      {
        "lessThanOrEqual": "2.1.0",
        "status": "affected",
        "version": "IBM Db2 Big SQL 7.6 on Cloud Pak for Data 4.8",
        "versionType": "semver"
      },
      {
        "status": "affected",
        "version": "IBM Db2 Big SQL 7.7 on Cloud Pak for Data 5.0"
      },
      {
        "status": "affected",
        "version": "IBM Db2 Big SQL 7.8 on Cloud Pak for Data 5.1"
      }
    ]
  }
]

Source	Link
ibm	www.ibm.com/support/pages/node/7257907

04 Feb 2026 21:30Current

CVSS 3.15.3

EPSS0.00293

CWE-770