CVE-2024-54178
MediumCVSS 6.5Exploitation Probability (EPSS)
Low risk14th percentile — higher than 14% of all known CVEs
Summary
A vulnerability in IBM Db2 on Cloud Pak for Data and Db2 Warehouse on Cloud Pak for Data versions 4.8, 5.0, 5.1, 5.2, 5.3 allows an authenticated user to cause a denial of service when creating new databases due to improper resource allocation.
Risk Assessment
The risk is that an authenticated attacker could intentionally overload the system, preventing the creation of new databases and disrupting critical services for the organization.
Recommendation
It is recommended to immediately upgrade to the latest available version of IBM Db2 on Cloud Pak for Data and Db2 Warehouse on Cloud Pak for Data that includes a fix for this vulnerability.
Original NVD description (English source)
IBM Db2 on Cloud Pak for Data and Db2 Warehouse on Cloud Pak for Data versions 4.8,5.0,5.1,5.2,5.3 could allow an authenticated user to cause a denial of service when creating new databases due to improper allocation of resources.

