IBM MQ: Information Disclosure during MQ Channel Creation (CVE-2024-45549)
CVE-2024-45549 Published on April 7, 2025
Exposure of Sensitive System Information to an Unauthorized Control Sphere in KERNEL
Information disclosure while creating MQ channels.
Vulnerability Analysis
CVE-2024-45549 can be exploited with local system access, and does not require authorization privileges or user interaction. This vulnerability is considered to have a low attack complexity. The potential impact of an exploit of this vulnerability is considered to have a high impact on confidentiality and integrity, and no impact on availability.
Attack Vector:
LOCAL
Attack Complexity:
LOW
Privileges Required:
NONE
User Interaction:
NONE
Scope:
UNCHANGED
Confidentiality Impact:
HIGH
Integrity Impact:
HIGH
Availability Impact:
NONE
Weakness Type
Exposure of Sensitive System Information to an Unauthorized Control Sphere
The application does not properly prevent sensitive system-level information from being accessed by unauthorized actors who do not have the same level of access to the underlying system as the application does.
Products Associated with CVE-2024-45549
You can be notified by email with stack.watch whenever vulnerabilities like CVE-2024-45549 are published in these products:
Affected Versions
Qualcomm, Inc. Snapdragon:- Version AR8035 is affected.
- Version FastConnect 6700 is affected.
- Version FastConnect 6800 is affected.
- Version FastConnect 6900 is affected.
- Version FastConnect 7800 is affected.
- Version QAM8255P is affected.
- Version QAM8295P is affected.
- Version QAM8620P is affected.
- Version QAM8650P is affected.
- Version QAM8775P is affected.
- Version QAMSRV1H is affected.
- Version QAMSRV1M is affected.
- Version QCA6174A is affected.
- Version QCA6391 is affected.
- Version QCA6421 is affected.
- Version QCA6426 is affected.
- Version QCA6431 is affected.
- Version QCA6436 is affected.
- Version QCA6574AU is affected.
- Version QCA6584AU is affected.
- Version QCA6595 is affected.
- Version QCA6595AU is affected.
- Version QCA6678AQ is affected.
- Version QCA6688AQ is affected.
- Version QCA6696 is affected.
- Version QCA6698AQ is affected.
- Version QCA6797AQ is affected.
- Version QCA8081 is affected.
- Version QCA8337 is affected.
- Version QCC710 is affected.
- Version QCM4490 is affected.
- Version QCM8550 is affected.
- Version QCN6024 is affected.
- Version QCN6224 is affected.
- Version QCN6274 is affected.
- Version QCN9011 is affected.
- Version QCN9012 is affected.
- Version QCN9024 is affected.
- Version QCN9274 is affected.
- Version QCS4490 is affected.
- Version QCS7230 is affected.
- Version QCS8250 is affected.
- Version QCS8300 is affected.
- Version QCS8550 is affected.
- Version QCS9100 is affected.
- Version QDU1000 is affected.
- Version QDU1010 is affected.
- Version QDU1110 is affected.
- Version QDU1210 is affected.
- Version QDX1010 is affected.
- Version QDX1011 is affected.
- Version QEP8111 is affected.
- Version QFW7114 is affected.
- Version QFW7124 is affected.
- Version QMP1000 is affected.
- Version QRU1032 is affected.
- Version QRU1052 is affected.
- Version QRU1062 is affected.
- Version QSM8250 is affected.
- Version Qualcomm Video Collaboration VC5 Platform is affected.
- Version SA7255P is affected.
- Version SA7775P is affected.
- Version SA8255P is affected.
- Version SA8295P is affected.
- Version SA8530P is affected.
- Version SA8540P is affected.
- Version SA8620P is affected.
- Version SA8650P is affected.
- Version SA8770P is affected.
- Version SA8775P is affected.
- Version SA9000P is affected.
- Version SC8380XP is affected.
- Version SD 8 Gen1 5G is affected.
- Version SD865 5G is affected.
- Version SDM429W is affected.
- Version SDX55 is affected.
- Version SDX61 is affected.
- Version SDX71M is affected.
- Version SDX80M is affected.
- Version SG8275P is affected.
- Version SM4635 is affected.
- Version SM6650 is affected.
- Version SM7635 is affected.
- Version SM7675 is affected.
- Version SM7675P is affected.
- Version SM8550P is affected.
- Version SM8635 is affected.
- Version SM8635P is affected.
- Version SM8650Q is affected.
- Version SM8735 is affected.
- Version SM8750 is affected.
- Version SM8750P is affected.
- Version Snapdragon 4 Gen 2 Mobile Platform is affected.
- Version Snapdragon 429 Mobile Platform is affected.
- Version Snapdragon 8 Gen 1 Mobile Platform is affected.
- Version Snapdragon 8 Gen 2 Mobile Platform is affected.
- Version Snapdragon 8 Gen 3 Mobile Platform is affected.
- Version Snapdragon 8+ Gen 1 Mobile Platform is affected.
- Version Snapdragon 8+ Gen 2 Mobile Platform is affected.
- Version Snapdragon 865 5G Mobile Platform is affected.
- Version Snapdragon 865+ 5G Mobile Platform (SM8250-AB) is affected.
- Version Snapdragon 870 5G Mobile Platform (SM8250-AC) is affected.
- Version Snapdragon 8cx Gen 3 Compute Platform (SC8280XP-AB, BB) is affected.
- Version Snapdragon AR1 Gen 1 Platform is affected.
- Version Snapdragon AR1 Gen 1 Platform "Luna1" is affected.
- Version Snapdragon AR2 Gen 1 Platform is affected.
- Version Snapdragon Auto 5G Modem-RF Gen 2 is affected.
- Version Snapdragon Wear 4100+ Platform is affected.
- Version Snapdragon X35 5G Modem-RF System is affected.
- Version Snapdragon X55 5G Modem-RF System is affected.
- Version Snapdragon X62 5G Modem-RF System is affected.
- Version Snapdragon X65 5G Modem-RF System is affected.
- Version Snapdragon X70 Modem-RF System is affected.
- Version Snapdragon X72 5G Modem-RF System is affected.
- Version Snapdragon X75 5G Modem-RF System is affected.
- Version Snapdragon XR2 5G Platform is affected.
- Version Snapdragon XR2+ Gen 1 Platform is affected.
- Version SRV1H is affected.
- Version SRV1L is affected.
- Version SRV1M is affected.
- Version SSG2115P is affected.
- Version SSG2125P is affected.
- Version SXR1230P is affected.
- Version SXR2130 is affected.
- Version SXR2230P is affected.
- Version SXR2250P is affected.
- Version SXR2330P is affected.
- Version TalynPlus is affected.
- Version WCD9340 is affected.
- Version WCD9370 is affected.
- Version WCD9375 is affected.
- Version WCD9378 is affected.
- Version WCD9380 is affected.
- Version WCD9385 is affected.
- Version WCD9390 is affected.
- Version WCD9395 is affected.
- Version WCN3620 is affected.
- Version WCN3660B is affected.
- Version WCN3680B is affected.
- Version WCN3950 is affected.
- Version WCN3980 is affected.
- Version WCN3988 is affected.
- Version WCN6450 is affected.
- Version WCN6650 is affected.
- Version WCN6740 is affected.
- Version WCN6755 is affected.
- Version WCN7750 is affected.
- Version WCN7860 is affected.
- Version WCN7861 is affected.
- Version WCN7880 is affected.
- Version WCN7881 is affected.
- Version WSA8810 is affected.
- Version WSA8815 is affected.
- Version WSA8830 is affected.
- Version WSA8832 is affected.
- Version WSA8835 is affected.
- Version WSA8840 is affected.
- Version WSA8845 is affected.
- Version WSA8845H is affected.
Exploit Probability
EPSS
0.08%
Percentile
23.34%
EPSS (Exploit Prediction Scoring System) scores estimate the probability that a vulnerability will be exploited in the wild within the next 30 days. The percentile shows you how this score compares to all other vulnerabilities.