Denial of Service Vulnerability in IBM QRadar WinCollect Agent
CVE-2024-51461

4.3MEDIUM

Key Information:

Vendor: IBM
Status: Qradar Wincollect Agent
Vendor: CVE Published:; 11 April 2025

Summary

A vulnerability in IBM's QRadar WinCollect Agent, spanning versions 10.0 to 10.1.13, may allow a remote attacker to unleash a denial of service by disrupting an HTTP request, potentially leading to excessive memory consumption. This could severely impact the availability of services relying on the affected product. It's imperative for users to remain vigilant and apply any recommended mitigations to safeguard their systems.

Affected Version(s)

QRadar WinCollect Agent 10.0 <= 10.1.13

References

https://www.ibm.com/support/pages/node/7230614

vendor-advisory

CVSS V3.1

Score:

4.3

Severity:

MEDIUM

Confidentiality:

None

Integrity:

None

Availability:

None

Attack Vector:

Network

Attack Complexity:

Low

Privileges Required:

None

User Interaction:

Required

Scope:

Unchanged

Timeline

Vulnerability published
Apr 11, 2025
Vulnerability Reserved
Oct 28, 2024