CVE-2024-54178
Received Received - Intake
Denial of Service in IBM Db2 on Cloud Pak for Data

Publication date: 2026-06-22

Last updated on: 2026-06-22

Assigner: IBM Corporation

Description
IBM Db2 on Cloud Pak for Data and Db2 Warehouse on Cloud Pak for Data versions 4.8,5.0,5.1,5.2,5.3 could allow an authenticated user to cause a denial of service when creating new databases due to improper allocation of resources.
CVSS Scores
EPSS Scores
Probability:
Percentile:
Meta Information
Published
2026-06-22
Last Modified
2026-06-22
Generated
2026-06-22
AI Q&A
2026-06-22
EPSS Evaluated
N/A
NVD
CVE-2024-54178
EUVD
EUVD-2024-55643
Affected Vendors & Products
Showing 2 associated CPEs
Vendor Product Version / Range
ibm db2_on_cloud_pak_for_data *
ibm db2_warehouse_on_cloud_pak_for_data From 4.8 (inc) to 5.3 (inc)
Helpful Resources
Exploitability
CWE
CWE Icon
KEV
KEV Icon
CWE ID Description
CWE-770 The product allocates a reusable resource or group of resources on behalf of an actor without imposing any intended restrictions on the size or number of resources that can be allocated.
Attack-Flow Graph
AI Quick Actions
Instant insights powered by AI
Executive Summary

IBM Db2 on Cloud Pak for Data and Db2 Warehouse on Cloud Pak for Data versions 4.8, 5.0, 5.1, 5.2, and 5.3 contain a vulnerability that could allow an authenticated user to cause a denial of service when creating new databases due to improper allocation of resources.

Impact Analysis

This vulnerability can impact you by allowing an authenticated user to cause a denial of service (DoS) condition. Specifically, when creating new databases, the improper allocation of resources could exhaust system resources, potentially making the database service unavailable to legitimate users.

Chat Assistant
Ask questions about this CVE
Hi! I’m here to help you understand CVE-2024-54178. Ask me anything about the vulnerability, its impact, or mitigation strategies.
0/70
EPSS Chart