Severity
Medium
Analysis Summary
CVE-2024-31919 CVSS:5.9
IBM MQ 9.0 LTS, 9.1 LTS, 9.2 LTS, 9.3 LTS and 9.3 CD, in certain configurations, is vulnerable to a denial of service attack caused by an error processing messages when an API Exit using MQBUFMH is used.
CVE-2024-35116 CVSS:5.9
IBM MQ 9.0 LTS, 9.1 LTS, 9.2 LTS, 9.3 LTS, and 9.3 CD is vulnerable to a denial of service attack caused by an error applying configuration changes.
Impact
- Denial of Service
Indicators of Compromise
CVE
- CVE-2024-31919
- CVE-2024-35116
Affected Vendors
IBM
Affected Products
- IBM MQ Appliance 9.3 CD
- IBM MQ 9.0 LTS
- IBM MQ 9.1 LTS
- IBM MQ 9.2 LTS
- IBM MQ 9.3 LTS
- IBM MQ 9.3 CD
Remediation
Refer to the appropriate IBM Security Advisory for patch, upgrade or suggested workaround information.