CVE-2024-37071
CVSS 3.1 Score 5.3 of 10 (medium)
Details
Summary
CVE-2024-37071 is a recently disclosed vulnerability affecting IBM Db2 for Linux, UNIX, and Windows versions 10.5, 11.1, and 11.5. This issue grants authenticated users the ability to cause a denial of service (DoS) by executing a specially crafted query. The root cause lies in the software's improper memory allocation mechanism. Successful exploitation of this vulnerability may lead to severe performance degradation or a complete system crash, potentially impacting database availability and, consequently, business operations. IBM strongly recommends applying the appropriate patches or updates to mitigate this risk.
Prevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.
Affected Products
- IBM DB2
Affected Vendors
- IBM Corporation