{"dataType":"CVE_RECORD","dataVersion":"5.1","cveMetadata":{"cveId":"CVE-2024-51470","assignerOrgId":"9a959283-ebb5-44b6-b705-dcc2bbced522","state":"PUBLISHED","assignerShortName":"ibm","dateReserved":"2024-10-28T10:50:18.700Z","datePublished":"2024-12-18T19:56:10.377Z","dateUpdated":"2024-12-18T20:24:38.409Z"},"containers":{"cna":{"affected":[{"cpes":["cpe:2.3:a:ibm:mq:9.1.0.0:*:*:*:lts:*:*:*","cpe:2.3:a:ibm:mq:9.2.0:*:*:*:lts:*:*:*","cpe:2.3:a:ibm:mq:9.3.0:*:*:*:lts:*:*:*","cpe:2.3:a:ibm:mq:9.3.0:*:*:*:continuous_delivery:*:*:*","cpe:2.3:a:ibm:mq:9.4.0:*:*:*:lts:*:*:*","cpe:2.3:a:ibm:mq:9.4.0:*:*:*:continuous_delivery:*:*:*"],"defaultStatus":"unaffected","product":"MQ","vendor":"IBM","versions":[{"status":"affected","version":"9.1 LTS, 9.2 LTS, 9.3 LTS, 9.3 CD, 9.4 LTS, 9.4 CD"}]},{"cpes":["cpe:2.3:a:ibm:mq_appliance:9.3:*:*:*:lts:*:*:*","cpe:2.3:a:ibm:mq_appliance:9.3:*:*:*:continuous_delivery:*:*:*","cpe:2.3:a:ibm:mq_appliance:9.4:*:*:*:lts:*:*:*"],"defaultStatus":"unaffected","product":"MQ Appliance","vendor":"IBM","versions":[{"status":"affected","version":"9.3 LTS, 9.3 CD, 9.4 LTS"}]},{"cpes":["cpe:2.3:a:ibm:mq_for_hpe_nonstop:8.1.0:*:*:*:*:*:*:*","cpe:2.3:a:ibm:mq_for_hpe_nonstop:8.1.0.25:*:*:*:*:*:*:*"],"defaultStatus":"unaffected","product":"MQ for HPE NonStop","vendor":"IBM","versions":[{"lessThanOrEqual":"8.1.0.25","status":"affected","version":"8.1.0","versionType":"semver"}]}],"descriptions":[{"lang":"en","supportingMedia":[{"base64":false,"type":"text/html","value":"IBM MQ 9.1 LTS, 9.2 LTS, 9.3 LTS, 9.3 CD, 9.4 LTS, 9.4 CD, IBM MQ Appliance 9.3 LTS, 9.3 CD, 9.4 LTS, and IBM MQ for HPE NonStop 8.1.0 through 8.1.0.25 could allow an authenticated user to cause a denial-of-service due to messages with improperly set values."}],"value":"IBM MQ 9.1 LTS, 9.2 LTS, 9.3 LTS, 9.3 CD, 9.4 LTS, 9.4 CD, IBM MQ Appliance 9.3 LTS, 9.3 CD, 9.4 LTS, and IBM MQ for HPE NonStop 8.1.0 through 8.1.0.25 could allow an authenticated user to cause a denial-of-service due to messages with improperly set values."}],"metrics":[{"cvssV3_1":{"attackComplexity":"LOW","attackVector":"NETWORK","availabilityImpact":"HIGH","baseScore":6.5,"baseSeverity":"MEDIUM","confidentialityImpact":"NONE","integrityImpact":"NONE","privilegesRequired":"LOW","scope":"UNCHANGED","userInteraction":"NONE","vectorString":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H","version":"3.1"},"format":"CVSS","scenarios":[{"lang":"en","value":"GENERAL"}]}],"problemTypes":[{"descriptions":[{"cweId":"CWE-754","description":"CWE-754 Improper Check for Unusual or Exceptional Conditions","lang":"en","type":"CWE"}]}],"providerMetadata":{"orgId":"9a959283-ebb5-44b6-b705-dcc2bbced522","shortName":"ibm","dateUpdated":"2024-12-18T19:56:10.377Z"},"references":[{"tags":["vendor-advisory"],"url":"https://www.ibm.com/support/pages/node/7179137"},{"tags":["vendor-advisory"],"url":"https://www.ibm.com/support/pages/node/7178085"},{"tags":["vendor-advisory"],"url":"https://www.ibm.com/support/pages/node/7177593"}],"source":{"discovery":"UNKNOWN"},"title":"IBM MQ denial of service","x_generator":{"engine":"Vulnogram 0.2.0"}},"adp":[{"metrics":[{"other":{"type":"ssvc","content":{"timestamp":"2024-12-18T20:24:17.133411Z","id":"CVE-2024-51470","options":[{"Exploitation":"none"},{"Automatable":"no"},{"Technical Impact":"partial"}],"role":"CISA Coordinator","version":"2.0.3"}}}],"title":"CISA ADP Vulnrichment","providerMetadata":{"orgId":"134c704f-9b21-4f2e-91b3-4a467353bcc0","shortName":"CISA-ADP","dateUpdated":"2024-12-18T20:24:38.409Z"}}]}}