Resource exhaustion in Ibm Db2 Big Sql On Cloud Pak For Data

CVE-2024-39724

IBM Db2 Big SQL on Cloud Pak for Data versions 7.6 (on CP4D 4.8), 7.7 (on CP4D 5.0), and 7.8 (on CP4D 5.1) do not properly limit the allocation of system resources. An authenticated user with internal knowledge of the environment could exp…

EPSS: 0.003 (20.9th percentile) — read the EPSS interpretation.

CVSS v3 metric

CVSS v3 base score 5.3 (Medium). Vector: CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H.

Affected products

  • Ibm Db2 Big Sql On Cloud Pak For Data — versions IBM Db2 Big SQL 7.6 on Cloud Pak for Data 4.8, IBM Db2 Big SQL 7.7 on Cloud Pak for Data 5.0, IBM Db2 Big SQL 7.8 on Cloud Pak for Data 5.1

Weakness classification (CWE)

References

Frequently asked questions

What is CVE-2024-39724?
CVE-2024-39724 is a medium-severity vulnerability in Ibm Db2 Big Sql On Cloud Pak For Data, classified under Allocation of Resources Without Limits or Throttling. CVSS score: 5.3/10. Published 2026-02-04.
How severe is CVE-2024-39724?
Medium severity. CVSS v3 base score is 5.3 out of 10.