CVE Catalog

CVE-2024-54178

MediumCVSS 6.5
Published: Updated: Translated: NVD NIST

Exploitation Probability (EPSS)

Low risk
0.24%

14th percentile — higher than 14% of all known CVEs

Summary

A vulnerability in IBM Db2 on Cloud Pak for Data and Db2 Warehouse on Cloud Pak for Data versions 4.8, 5.0, 5.1, 5.2, 5.3 allows an authenticated user to cause a denial of service when creating new databases due to improper resource allocation.

Risk Assessment

The risk is that an authenticated attacker could intentionally overload the system, preventing the creation of new databases and disrupting critical services for the organization.

Recommendation

It is recommended to immediately upgrade to the latest available version of IBM Db2 on Cloud Pak for Data and Db2 Warehouse on Cloud Pak for Data that includes a fix for this vulnerability.

Original NVD description (English source)

IBM Db2 on Cloud Pak for Data and Db2 Warehouse on Cloud Pak for Data versions 4.8,5.0,5.1,5.2,5.3 could allow an authenticated user to cause a denial of service when creating new databases due to improper allocation of resources.

Vulnerability data from NVD (NIST) · CISA KEV · EPSS