Denial of Service Vulnerability in IBM Db2 Big SQL on Cloud Pak for Data
CVE-2024-39724

5.3MEDIUM

Key Information:

Vendor: IBM
Status: Db2 Big Sql On Cloud Pak For Data
Vendor: CVE Published:; 4 February 2026

What is CVE-2024-39724?

IBM Db2 Big SQL versions 7.6, 7.7, and 7.8 on Cloud Pak for Data have a vulnerability related to inadequate resource allocation controls. This weakness could allow authenticated users with specific internal insights to exploit the system, potentially leading to a denial of service. It is crucial to apply the latest patches to mitigate this risk and protect operational integrity.

Affected Version(s)

Db2 Big SQL on Cloud Pak for Data IBM Db2 Big SQL 7.6 on Cloud Pak for Data 4.8 <= 2.1.0

Db2 Big SQL on Cloud Pak for Data IBM Db2 Big SQL 7.7 on Cloud Pak for Data 5.0

Db2 Big SQL on Cloud Pak for Data IBM Db2 Big SQL 7.8 on Cloud Pak for Data 5.1

References

https://www.ibm.com/support/pages/node/7257907

vendor-advisorypatch

CVSS V3.1

Score:

5.3

Severity:

MEDIUM

Confidentiality:

None

Integrity:

None

Availability:

None

Attack Vector:

Network

Attack Complexity:

High

Privileges Required:

Low

User Interaction:

None

Scope:

Unchanged

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
Feb 4, 2026
Vulnerability Reserved
Jun 28, 2024

CVE-2024-39724 Data

JSON