What is the severity of CVE-2024-51470?

CVE-2024-51470 is classified as a denial-of-service vulnerability affecting certain versions of IBM MQ.

How do I fix CVE-2024-51470?

To remediate CVE-2024-51470, update IBM MQ to the latest version where the vulnerability is patched.

Who is vulnerable to CVE-2024-51470?

Authenticated users of IBM MQ versions 9.1 LTS, 9.2 LTS, 9.3 LTS, 9.4 LTS, and IBM MQ Appliance versions 9.3 LTS, 9.3 CD, and 9.4 LTS are affected by CVE-2024-51470.

What can an attacker do with CVE-2024-51470?

An attacker can exploit CVE-2024-51470 to create a denial-of-service condition by sending messages with improperly set values.

Is CVE-2024-51470 a zero-day vulnerability?

CVE-2024-51470 is not a zero-day vulnerability as the affected products are already known and updates are available.

Vulnerability/
CVE-2024-51470

medium

6.5

CWE

754

18/12/2024

CVE-2024-51470: IBM MQ denial of service

First published: Wed Dec 18 2024(Updated: )

IBM MQ 9.1 LTS, 9.2 LTS, 9.3 LTS, 9.3 CD, 9.4 LTS, 9.4 CD, IBM MQ Appliance 9.3 LTS, 9.3 CD, 9.4 LTS, and IBM MQ for HPE NonStop 8.1.0 through 8.1.0.25 could allow an authenticated user to cause a denial-of-service due to messages with improperly set values.

Credit: psirt@us.ibm.com

Affected Software	Affected Version	How to fix
IBM MQ Appliance Firmware	<=9.3 LTS
IBM MQ Appliance Firmware	<=9.3 CD
IBM MQ Appliance Firmware	<=9.4 LTS

Never miss a vulnerability like this again

Reference Links

Parent vulnerabilities

(Appears in the following advisories)

IBM-7178085

Frequently Asked Questions

What is the severity of CVE-2024-51470?
CVE-2024-51470 is classified as a denial-of-service vulnerability affecting certain versions of IBM MQ.
How do I fix CVE-2024-51470?
To remediate CVE-2024-51470, update IBM MQ to the latest version where the vulnerability is patched.
Who is vulnerable to CVE-2024-51470?
Authenticated users of IBM MQ versions 9.1 LTS, 9.2 LTS, 9.3 LTS, 9.4 LTS, and IBM MQ Appliance versions 9.3 LTS, 9.3 CD, and 9.4 LTS are affected by CVE-2024-51470.
What can an attacker do with CVE-2024-51470?
An attacker can exploit CVE-2024-51470 to create a denial-of-service condition by sending messages with improperly set values.
Is CVE-2024-51470 a zero-day vulnerability?
CVE-2024-51470 is not a zero-day vulnerability as the affected products are already known and updates are available.

agent/weakness
agent/title
agent/references
agent/first-publish-date
agent/type
agent/softwarecombine
agent/description
collector/nvd-api
source/NVD
agent/severity
agent/author
agent/event
agent/trending
collector/mitre-cve
source/MITRE
agent/last-modified-date
agent/source
agent/tags
collector/ibm-support
source/IBM
agent/software-canonical-lookup
agent/software-canonical-lookup-request
vendor/ibm
canonical/ibm mq appliance firmware
version/ibm mq appliance firmware/9.3 lts
version/ibm mq appliance firmware/9.3 cd
version/ibm mq appliance firmware/9.4 lts

Company

Resources

Contact

SecAlerts Pty Ltd.
132 Wickham Terrace
Fortitude Valley,
QLD 4006, Australia
info@secalerts.co

By using SecAlerts services, you agree to our services end-user license agreement. This website is safeguarded by reCAPTCHA and governed by the Google Privacy Policy and Terms of Service. All names, logos, and brands of products are owned by their respective owners, and any usage of these names, logos, and brands for identification purposes only does not imply endorsement. If you possess any content that requires removal, please get in touch with us.