7.5
CVE-2024-25015
- EPSS 0.08%
- Veröffentlicht 01.05.2024 17:15:29
- Zuletzt bearbeitet 21.08.2025 15:15:50
- Quelle psirt@us.ibm.com
- CVE-Watchlists
- Unerledigt
IBM MQ denial of service
IBM MQ 9.2 LTS, 9.3 LTS, and 9.3 CD Internet Pass-Thru could allow a remote user to cause a denial of service by sending HTTP requests that would consume all available resources. IBM X-Force ID: 281278.
Daten sind bereitgestellt durch National Vulnerability Database (NVD)
Ibm ≫ Mq SwEditionlts Version >= 9.2.0.0 < 9.2.0.25
Ibm ≫ Aix Version-
Ibm ≫ Linux On Ibm Z Version-
Linux ≫ Linux Kernel Version-
Microsoft ≫ Windows Version-
Ibm ≫ Linux On Ibm Z Version-
Linux ≫ Linux Kernel Version-
Microsoft ≫ Windows Version-
Ibm ≫ Mq SwEditioncontinuous_delivery Version >= 9.3.0 < 9.3.5
Ibm ≫ Aix Version-
Ibm ≫ Linux On Ibm Z Version-
Linux ≫ Linux Kernel Version-
Microsoft ≫ Windows Version-
Ibm ≫ Linux On Ibm Z Version-
Linux ≫ Linux Kernel Version-
Microsoft ≫ Windows Version-
Ibm ≫ Mq SwEditionlts Version >= 9.3.0.0 < 9.3.0.17
Ibm ≫ Aix Version-
Ibm ≫ Linux On Ibm Z Version-
Linux ≫ Linux Kernel Version-
Microsoft ≫ Windows Version-
Ibm ≫ Linux On Ibm Z Version-
Linux ≫ Linux Kernel Version-
Microsoft ≫ Windows Version-
VulnDex Vulnerability Enrichment
Diese Information steht angemeldeten Benutzern zur Verfügung. 
Login
Login| Typ | Quelle | Score | Percentile |
|---|---|---|---|
| EPSS | FIRST.org | 0.08% | 0.234 |
| Quelle | Base Score | Exploit Score | Impact Score | Vector String |
|---|---|---|---|---|
| psirt@us.ibm.com | 7.5 | 3.9 | 3.6 |
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
|
CWE-406 Insufficient Control of Network Message Volume (Network Amplification)
The product does not sufficiently monitor or control transmitted network traffic volume, so that an actor can cause the product to transmit more traffic than should be allowed for that actor.