Vulnerability Details
Basic Information
| Title | Security Bulletin: IBM Maximo Application Suite – Monitor Component is vulnerable to a possible denial-of- service for Python-idna CVE-2024-3651 |
|---|---|
| Type | ibm |
| Published | 2025-05-05T06:32:21 |
| Last Seen | 2025-05-05T10:56:45 |
| CVSS Score | 7.5 (HIGH) |
CVSS v3 Details
| Attack Vector | NETWORK |
|---|---|
| Attack Complexity | LOW |
| Privileges Required | NONE |
| User Interaction | NONE |
| Scope | UNCHANGED |
| Confidentiality Impact | NONE |
| Integrity Impact | NONE |
| Availability Impact | HIGH |
CVE Information
| CVE IDs | CVE-2024-3651 |
|---|---|
| CWE | |
| Bulletin Family | software |
Description
IBM Maximo Application Suite – Monitor Component is vulnerable to a possible denial-of- service for Python-idna CVE-2024-3651. This bulletin identifies the steps to take to address the vulnerabilities.
## Vulnerability Details
**CVEID:**CVE-2024-3651
**DESCRIPTION:** idna could allow a local user to cause a denial of service using a specially crafted argument to the idna.encode() function and consume system resources.
**CWE:**CWE-400: Uncontrolled Resource Consumption
**CVSS Source:** IBM X-Force
**CVSS Base score:** 6.2
**CVSS Vector:**(CVSS:3.0/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H)
## Affected Products and Versions
Affected Product(s)| Version(s)
—|—
IBM Maximo Application Suite – Monitor Component| 9.0.6
## Remediation/Fixes
Affected Product(s)| Fixpack Version(s)
—|—
IBM Maximo Application Suite – Monitor Component| 9.0.7 or latest (available from the Catalog under Update Available)
## Workarounds and Mitigations
None
##
Impact Assessment
| Base Score | 7.5 |
|---|---|
| Severity | HIGH |