CVE-2024-51471

Name of the Vulnerable Software and Affected Versions IBM MQ Appliance versions 9.3 LTS through 9.4 LTS

Description The web console of IBM MQ Appliance could allow an authenticated user to cause a denial-of-service when trace is enabled due to information being written into memory outside of the intended buffer size.

Recommendations For IBM MQ Appliance versions 9.3 LTS, 9.3 CD, and 9.4 LTS, consider disabling the trace feature as a temporary workaround until a patch is available. Restrict access to the web console to minimize the risk of exploitation. At the moment, there is no information about a newer version that contains a fix for this vulnerability.