Mq
CVE-2024-54175
MEDIUM
Severity by source
AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
Primary rating from NVD · only source for this CVE.
CVSS VectorNVD
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
Lifecycle Timeline
2DescriptionCVE.org
IBM MQ 9.3 LTS, 9.3 CD, 9.4 LTS, and 9.4 CD
could allow a local user to cause a denial of service due to an improper check for unusual or exceptional conditions.
AnalysisAI
IBM MQ 9.3 LTS, 9.3 CD, 9.4 LTS, and 9.4 CD could allow a local user to cause a denial of service due to an improper check for unusual or exceptional conditions. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity. No vendor patch available.
Technical ContextAI
This vulnerability is classified under CWE-754. IBM MQ 9.3 LTS, 9.3 CD, 9.4 LTS, and 9.4 CD could allow a local user to cause a denial of service due to an improper check for unusual or exceptional conditions. Affected products include: Ibm Mq.
RemediationAI
No vendor patch is available at time of analysis. Monitor vendor advisories for updates. Apply vendor patches when available. Implement network segmentation and monitoring as interim mitigations.
IBM MQ 9.3 LTS, 9.3 CD, 9.4 LTS, and 9.4 CD stores potentially sensitive information in environment variables that could
Improper use of cryptographic functions in IBM MQ versions 9.1 through 9.4 allows local attackers with user privileges t
IBM MQ LTS 9.1.0.0 through 9.1.0.29, 9.2.0.0 through 9.2.0.36, 9.3.0.0 through 9.3.0.30 and 9.4.0.0 through 9.4.0.12 and
IBM MQ 9.3 LTS, 9.3 CD, 9.4 LTS, and 9.4 CD web console could allow a local user to obtain sensitive information when a
Same technique Denial Of Service
View allShare
External POC / Exploit Code
Leaving vuln.today