PT-2024-2164 · Ibm · Ibm Mq Appliance+1

Published

2024-03-01

Updated

2024-03-04

CVE-2024-25016

CVSS v2.0

7.8

High

Vector

AV:N/AC:L/Au:N/C:N/I:N/A:C

Name of the Vulnerable Software and Affected Versions IBM MQ and IBM MQ Appliance versions 9.0 through 9.3 CD

Description The issue is related to insufficient input validation, which can be exploited by a remote attacker to cause a denial of service. This is due to incorrect buffering logic. A remote unauthenticated attacker may cause a denial of service.

Recommendations For IBM MQ and IBM MQ Appliance versions 9.0 through 9.3 CD, update to a version that includes the fix for the incorrect buffering logic issue. At the moment, there is no information about a newer version that contains a fix for this vulnerability.

Improper Resource Release

RCE

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-404CWE-20

Related Identifiers

BDU:2024-02076

CVE-2024-25016

Affected Products

Ibm Mq

Ibm Mq Appliance

PT-2024-2164 · Ibm · Ibm Mq Appliance+1

CVE-2024-25016

Weakness Enumeration

Related Identifiers

Affected Products

References · 9