CVE-2024-40680
📊 5.5 MEDIUM⚡ 0.0%🎯 0 exploits
📅 Published Sep 7, 2024
📋 Status: Modified
IBM MQ 9.3 CD and 9.4 LTS/CD could allow a local user to cause a denial of service due to improper memory allocation causing a segmentation fault.
CVSS v3.1 • [email protected]
🎯 Affected Products & Systems
2 product configurations affected
Filter by type:
| Type | Vendor | Product | Version Range | Status | CPE String |
|---|---|---|---|---|---|
📱App | ibm | mq operator | 2.0.26 | Vulnerable | cpe:2.3:a:ibm:mq_operator:2.0.26:*:*:*:-:*:*:* |
📱App | ibm | mq operator | 3.2.4 | Vulnerable | cpe:2.3:a:ibm:mq_operator:3.2.4:*:*:*:-:*:*:* |
📱
VulnerableApplication
Version: 2.0.26
CPE:
cpe:2.3:a:ibm:mq_operator:2.0.26:*:*:*:-:*:*:*
📱
VulnerableApplication
Version: 3.2.4
CPE:
cpe:2.3:a:ibm:mq_operator:3.2.4:*:*:*:-:*:*:*
Metrics
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
Attack Vector:
LOCAL
Complexity:
LOW
Privileges:
LOW
User Interaction:
NONE
Confidentiality:
NONE
Integrity:
NONE
Availability:
HIGH
Scope:
UNCHANGED
🔍 Technical Details
Analysis Status
ModifiedCVSS Details
5.5 (MEDIUM)v3.1
Source: [email protected]
EPSS Details
0.0% (Minimal)7.6th percentile
Last updated: Oct 31, 2025
Exploitation probability within 30 days
Published Date
Sep 7, 2024 (1 year ago)
Last Modified
Oct 31, 2024 (1 year ago)
Security Weaknesses2
CWE-789CWE-770
References2
NVDgeneral