VDB
CVE-2024-27255
CVE-2024-27255
PUBLISHED
In IBM MQ existieren mehrere Schwachstellen. Diese bestehen in verschiedenen Komponenten, unter anderem "Eclipse", "libqb", "BasiliX", "Libxml2" oder "JavaSE". Ein entfernter, anonymer Angreifer kann diese Schwachstelle ausnutzen, um beliebigen Programmcode auszuführen, Informationen offenzulegen oder einen Denial of Service Zustand herbeizuführen.
EPSS 0.03% · 9.4th percentile
Risk Scores
EPSS Score
0.03%
9.4th percentile
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| IBM | IBM Power Hardware Management Console V10 | |
| IBM | IBM App Connect Enterprise <=12.0.11.3 | |
| IBM | IBM Storage Scale | |
| IBM | IBM MQ 9.2 LTS | |
| IBM | IBM App Connect Enterprise <=11.0.0.25 | |
| IBM | IBM MQ 9.3 LTS | |
| IBM | IBM DataPower Gateway <10.5.0.15 | |
| IBM | IBM Business Automation Workflow | |
| IBM | IBM DataPower Gateway <10.5.0.10 | |
| IBM | IBM DB2 | |
| IBM | IBM DataPower Gateway <10.0.1.18 | |
| IBM | IBM FlashSystem | |
| IBM | IBM DataPower Gateway <10.6.0.3 | |
| IBM | IBM MQ Operator v3.1.0 CD | |
| IBM | IBM QRadar SIEM <7.5.0 UP8 | |
| IBM | IBM DataPower Gateway <10.6.2 | |
| IBM | IBM MQ Operator v2.4.8 | |
| IBM | IBM MQ 9.3 CD | |
| IBM | IBM Storwize | |
| IBM | IBM MQ 9.1 LTS |
…and 6 more
Exploit Intelligence
- CIRCL seen: CVE-2024-27255 (circl-sighting)
- CIRCL seen: CVE-2024-27255 (circl-sighting)
- https://www.ibm.com/support/pages/node/7126571 (circl)
- https://exchange.xforce.ibmcloud.com/vulnerabilities/283905 (circl)
Timeline
- Feb 29, 2024 CVE Published
- Mar 3, 2024 PoC Published
- Mar 3, 2024 PoC Published
- Mar 4, 2024 EPSS Score
- Mar 30, 2024 EPSS Score
- Apr 26, 2024 EPSS Score
- May 22, 2024 EPSS Score
- Jun 18, 2024 EPSS Score
- Jul 14, 2024 EPSS Score
- Aug 9, 2024 EPSS Score
- Sep 5, 2024 EPSS Score
- Oct 1, 2024 EPSS Score
References
- https://wid.cert-bund.de/.well-known/csaf/white/2024/wid-sec-w-2024-0521.json advisory
- https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2024-0521 advisory
- https://www.ibm.com/support/pages/node/7123135 advisory
- https://www.ibm.com/support/pages/node/7123136 advisory
- https://www.ibm.com/support/pages/node/7123137 advisory
- https://www.ibm.com/support/pages/node/7123138 advisory
- https://www.ibm.com/support/pages/node/7123139 advisory
- https://www.ibm.com/support/pages/node/7126571 advisory
- https://www.ibm.com/support/pages/node/7129251 advisory
- https://www.ibm.com/support/pages/node/7137570 advisory
- https://www.ibm.com/support/pages/node/7138007 advisory
- https://www.ibm.com/support/pages/node/7145367 advisory
- https://www.ibm.com/support/pages/node/7145780 advisory
- https://www.ibm.com/support/pages/node/7146478 advisory
- https://www.ibm.com/support/pages/node/7114770 advisory
- https://www.ibm.com/support/pages/node/7150144 advisory
- https://www.ibm.com/support/pages/node/7150158 advisory
- https://www.ibm.com/support/pages/node/7162189 advisory
- https://www.ibm.com/support/pages/node/7178670 advisory