CVE-2024-45662

7.5 HIGH

📋 TL;DR

This vulnerability in IBM Safer Payments allows remote attackers to cause denial of service by exploiting improper resource allocation. It affects IBM Safer Payments versions 6.4.0.00 through 6.4.2.07, 6.5.0.00 through 6.5.0.05, and 6.6.0.00 through 6.6.0.03.

💻 Affected Systems

Products:
  • IBM Safer Payments
Versions: 6.4.0.00 through 6.4.2.07, 6.5.0.00 through 6.5.0.05, and 6.6.0.00 through 6.6.0.03
Operating Systems: Not specified - likely multiple platforms
Default Config Vulnerable: ⚠️ Yes
Notes: All deployments within affected version ranges are vulnerable regardless of configuration.

📦 What is this software?

⚠️ Risk & Real-World Impact

🔴 Worst Case

Complete service disruption of IBM Safer Payments, preventing transaction processing and fraud detection capabilities.

🟠 Likely Case

Degraded performance or temporary service unavailability affecting payment processing systems.

🟢 If Mitigated

Minimal impact with proper network segmentation and resource monitoring in place.

🌐 Internet-Facing: MEDIUM - Remote exploitation possible but requires specific conditions.
🏢 Internal Only: MEDIUM - Internal attackers could disrupt critical payment processing systems.

🎯 Exploit Status

Public PoC: ✅ No
Weaponized: UNKNOWN
Unauthenticated Exploit: ✅ No
Complexity: MEDIUM

Exploitation requires an understanding of resource allocation patterns, but no authentication is needed.

🛠️ Fix & Mitigation

✅ Official Fix

Patch Version: Apply the IBM Safer Payments fixes specified in the vendor advisory

Vendor Advisory: https://www.ibm.com/support/pages/node/7173765

Restart Required: No

Instructions:

1. Review the IBM advisory
2. Download the appropriate fix from IBM Fix Central
3. Apply the fix following IBM documentation
4. Verify the installation

🔧 Temporary Workarounds

Network Segmentation


Restrict network access to IBM Safer Payments to only trusted sources

Resource Monitoring


Implement monitoring for unusual resource consumption patterns

🧯 If You Can't Patch

  • Implement strict network access controls to limit exposure
  • Deploy additional monitoring for denial of service patterns

🔍 How to Verify

Check if Vulnerable:

Check IBM Safer Payments version against affected ranges: 6.4.0.00-6.4.2.07, 6.5.0.00-6.5.0.05, 6.6.0.00-6.6.0.03

Check Version:

Consult the IBM Safer Payments administration interface or documentation for the version check command

Verify Fix Applied:

Verify that the installed version is beyond the affected ranges and confirm that the patch was applied successfully
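To make the version check above repeatable across an inventory, here is an added example (not from the IBM advisory or this page) that parses dotted version strings numerically and tests them against the three affected ranges listed on this page; the host inventory is constructed sample data, and the function names are assumptions.

```python
# Added example: check IBM Safer Payments version strings against the
# affected ranges quoted on this page. Ranges are inclusive at both ends.
from typing import Dict, Tuple

AFFECTED_RANGES = [
    ("6.4.0.00", "6.4.2.07"),
    ("6.5.0.00", "6.5.0.05"),
    ("6.6.0.00", "6.6.0.03"),
]


def parse_version(version: str) -> Tuple[int, ...]:
    """Turn '6.4.2.07' into (6, 4, 2, 7) so comparison is numeric, not lexical.

    A plain string comparison would misplace versions such as 6.4.10.00
    (lexically '6.4.1...' sorts below '6.4.2...'), so every component is
    converted to an int first.
    """
    parts = version.strip().split(".")
    if not parts or not all(p.isdigit() for p in parts):
        raise ValueError(f"unrecognised version string: {version!r}")
    return tuple(int(p) for p in parts)


def is_affected(version: str) -> bool:
    """True if the version falls inside any affected range on this page."""
    v = parse_version(version)
    return any(parse_version(lo) <= v <= parse_version(hi) for lo, hi in AFFECTED_RANGES)


def audit(inventory: Dict[str, str]) -> Dict[str, bool]:
    """Map each host in an inventory (host -> version) to its affected status."""
    return {host: is_affected(ver) for host, ver in inventory.items()}


# Constructed sample inventory (hypothetical hosts and versions).
SAMPLE_INVENTORY = {
    "sp-prod-01": "6.4.2.07",   # last affected 6.4 build
    "sp-prod-02": "6.4.2.08",   # just past the 6.4 range
    "sp-test-01": "6.6.0.01",
    "sp-lab-01": "6.4.10.00",   # numerically above the 6.4 range
}

if __name__ == "__main__":
    for host, affected in audit(SAMPLE_INVENTORY).items():
        print(f"{host}: {'AFFECTED' if affected else 'ok'}")
```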

📡 Detection & Monitoring

Log Indicators:

  • Unusual resource allocation patterns
  • Service disruption logs
  • Out of memory errors

Network Indicators:

  • Abnormal traffic patterns to Safer Payments services
  • Connection spikes

SIEM Query:

source="safer-payments" AND (event_type="resource_exhaustion" OR event_type="service_disruption")
