CVE-2024-54175

5.5 MEDIUM

📋 TL;DR

This vulnerability in IBM MQ allows a local user to cause a denial of service by exploiting improper error handling. It affects IBM MQ 9.3 LTS, 9.3 CD, 9.4 LTS, and 9.4 CD versions. Only users with local access to the MQ server can exploit this vulnerability.

💻 Affected Systems

Products:
  • IBM MQ
Versions: 9.3 LTS, 9.3 CD, 9.4 LTS, 9.4 CD
Operating Systems: All supported platforms
Default Config Vulnerable: ⚠️ Yes
Notes: Only affects systems where local users have access to IBM MQ installation.

📦 What is this software?

⚠️ Risk & Real-World Impact

🔴 Worst Case: Complete denial of service for IBM MQ services, disrupting message queuing operations and dependent applications.

🟠 Likely Case: Temporary service disruption requiring a restart of the affected MQ components.

🟢 If Mitigated: Minimal impact where proper access controls limit local user privileges.

🌐 Internet-Facing: LOW - Requires local access to the server, not exploitable remotely.
🏢 Internal Only: MEDIUM - Local users with access to MQ servers could disrupt critical messaging services.

🎯 Exploit Status

Public PoC: ✅ No
Weaponized: UNKNOWN
Unauthenticated Exploit: ✅ No
Complexity: LOW

Requires local access to the server but no special privileges beyond basic user access.

🛠️ Fix & Mitigation

✅ Official Fix

Patch Version: Apply fixes from IBM Security Bulletin: https://www.ibm.com/support/pages/node/7184453

Vendor Advisory: https://www.ibm.com/support/pages/node/7184453

Restart Required: Yes

Instructions:

1. Review the IBM Security Bulletin for specific fix details.
2. Apply the recommended fix pack or interim fix.
3. Restart IBM MQ services.
4. Verify the fix is applied correctly.

🔧 Temporary Workarounds

Restrict local user access

Platform: linux

Limit local user access to the IBM MQ installation directories and processes:

chmod 750 /var/mqm
chown mqm:mqm /var/mqm
setfacl -m u:mqm:rwx /var/mqm

Implement process monitoring

Platform: all

Monitor IBM MQ processes for abnormal termination or resource consumption.

🧯 If You Can't Patch

  • Implement strict access controls to limit which local users can access IBM MQ servers
  • Deploy monitoring and alerting for IBM MQ service disruptions with rapid response procedures

🔍 How to Verify

Check if Vulnerable:

Check the IBM MQ version with the 'dspmqver' command and compare it against the affected versions list.

Check Version:

dspmqver

Verify Fix Applied:

Verify that the applied fix version matches or exceeds the fix version recommended in the IBM advisory.

📡 Detection & Monitoring

Log Indicators:

  • Unexpected IBM MQ service termination
  • Error logs indicating improper condition handling
  • Multiple service restart events

Network Indicators:

  • Sudden drop in MQ message traffic
  • Connection failures to MQ services

SIEM Query:

source="mq.log" AND ("service terminated" OR "unexpected error" OR "denial of service")
