CVE-2024-40680 IBM MQ denial of service

🗓️ 07 Sep 2024 14:02:30Reported by ibmType

IBM MQ Operator denial of service due to improper memory allocation causing a segmentation faul

Reporter	Title	Published	Views	Family All 16
IBM Security Bulletins	Security Bulletin: Multiple Vulnerabilities have been identified in IBM MQ shipped with IBM WebSphere Remote Server	19 Sep 202415:55	–	ibm
IBM Security Bulletins	Security Bulletin: IBM MQ Operator and Queue manager container images are vulnerable to denial of service, privilege escalation and kerberos 5	6 Sep 202409:28	–	ibm
IBM Security Bulletins	Security Bulletin: IBM MQ Appliance is vulnerable to a denial of service (CVE-2024-40680)	16 Sep 202418:33	–	ibm
IBM Security Bulletins	Security Bulletin: Multiple security vulnerabilities in IBM MQ affect IBM Robotic Process Automation	2 Dec 202416:25	–	ibm
IBM Security Bulletins	Security Bulletin: IBM MQ is vulnerable to a denial of service (CVE-2024-40680)	28 Jan 202522:08	–	ibm
Circl	CVE-2024-40680	7 Sep 202416:50	–	circl
CNNVD	IBM MQ 安全漏洞	7 Sep 202400:00	–	cnnvd
CNVD	IBM MQ Operator Denial of Service Vulnerability	11 Sep 202400:00	–	cnvd
CVE	CVE-2024-40680	7 Sep 202414:02	–	cve
EUVD	EUVD-2024-38568	3 Oct 202520:07	–	euvd

[
  {
    "cpes": [
      "cpe:2.3:a:ibm:mq_appliance:9.3:*:*:*:continuous_delivery:*:*:*",
      "cpe:2.3:a:ibm:mq_appliance:9.4:*:*:*:lts:*:*:*",
      "cpe:2.3:a:ibm:mq_appliance:9.4:*:*:*:continuous_delivery:*:*:*"
    ],
    "defaultStatus": "unaffected",
    "product": "MQ",
    "vendor": "IBM",
    "versions": [
      {
        "status": "affected",
        "version": "9.3 CD, 9.4 LTS, 9.4 CD"
      }
    ]
  }
]

Source	Link
ibm	www.ibm.com/support/pages/node/7167732

31 Oct 2024 16:26Current

CVSS 3.15.5

EPSS0.00188

CWE-789