CVE-2024-49823

IBM Common Cryptographic Architecture 7.0.0 through 7.5.51 could allow an authenticated user to cause a denial of service in the Hardware Security Module (HSM) using a specially crafted sequence of valid requests.

CVSS v3 6.5 MEDIUM

6.5^/10

CVSS v3 : MEDIUM

V3 Legend

Vector :

Exploitability : 2.8 / Impact : 3.6

Attack Vector NETWORK

Attack Complexity LOW

Privileges Required LOW

User Interaction NONE

Confidentiality Impact NONE

Integrity Impact NONE

Availability Impact HIGH

Scope UNCHANGED

References

Link	Resource
https://www.ibm.com/support/pages/node/7185282	Vendor Advisory

Configurations

Configuration 1 (hide)

AND

cpe:2.3:a:ibm:common_cryptographic_architecture:*:*:*:*:*:*:*:*

OR	cpe:2.3:o:ibm:aix:-:::::::*
	cpe:2.3:o:ibm:i:-:::::::*
	cpe:2.3:o:linux:linux_kernel:-:::::::*

History

25 Jul 2025, 18:12

Type	Values Removed	Values Added
First Time		Ibm common Cryptographic Architecture Ibm aix Linux Ibm i Ibm Linux linux Kernel
Summary		(es) IBM Common Cryptographic Architecture 7.0.0 a 7.5.51 podría permitir que un usuario autenticado provoque una denegación de servicio en el módulo de seguridad de hardware (HSM) utilizando una secuencia especialmente manipulada de solicitudes válidas.
CPE		cpe:2.3:o:ibm:i:-:::::::* cpe:2.3:o:ibm:aix:-:::::::* cpe:2.3:o:linux:linux_kernel:-:::::::* cpe:2.3:a:ibm:common_cryptographic_architecture::::::::
References	~~() https://www.ibm.com/support/pages/node/7185282 -~~	() https://www.ibm.com/support/pages/node/7185282 - Vendor Advisory

11 Mar 2025, 01:15

Type	Values Removed	Values Added
New CVE

Information

Published : 2025-03-11 01:15

Updated : 2025-07-25 18:12

NVD link : CVE-2024-49823

Mitre link : CVE-2024-49823

CVE.ORG link : CVE-2024-49823

JSON object : View

Products Affected

ibm

i
common_cryptographic_architecture
aix

linux

linux_kernel

CWE

CWE-787

Out-of-bounds Write

6.5 /10