Denial of Service Vulnerability in IBM Db2 on Cloud Pak for Data
CVE-2024-54178

6.5MEDIUM

Key Information:

Vendor: IBM
Status: Db2 On Cloud Pak For Data And Db2 Warehouse On Cloud Pak For Data
Vendor: CVE Published:; 22 June 2026

What is CVE-2024-54178?

IBM Db2 on Cloud Pak for Data versions 4.8, 5.0, 5.1, 5.2, and 5.3 are susceptible to a denial of service attack that can be triggered by an authenticated user when creating new databases. This vulnerability arises from improper allocation of resources, which can lead to service interruptions and hinder the normal operations of affected systems. Users are advised to implement the necessary patches to mitigate this risk.

Affected Version(s)

Db2 on Cloud Pak for Data and Db2 Warehouse on Cloud Pak for Data 4.8.0

Db2 on Cloud Pak for Data and Db2 Warehouse on Cloud Pak for Data 5.0.0 <= 5.3.0

References

https://www.ibm.com/support/pages/node/7277112

vendor-advisorypatch

CVSS V3.1

Score:

6.5

Severity:

MEDIUM

Confidentiality:

None

Integrity:

None

Availability:

None

Attack Vector:

Network

Attack Complexity:

Low

Privileges Required:

Low

User Interaction:

None

Scope:

Unchanged

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
Jun 22, 2026
Vulnerability Reserved
Nov 30, 2024

CVE-2024-54178 Data

JSON