Cyber Resilience

CVE-2024-27256

Medium

Published: 27 January 2025

Published
27 January 2025
Modified
18 August 2025
KEV Added
Patch
CVSS Score v3.1 5.9 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N
EPSS Score 0.0009 25.3th percentile
Risk Priority 12 60% EPSS · 20% KEV · 20% CVSS

Summary

CVE-2024-27256 is a medium-severity Use of a Broken or Risky Cryptographic Algorithm (CWE-327) vulnerability in Ibm Supplied Mq Advanced Container Images. Its CVSS base score is 5.9 (Medium).

Operationally, exploitation aligns with the MITRE ATT&CK technique Exploit Public-Facing Application (T1190); ranked at the 25.3th percentile by exploit likelihood (below the median); it is not currently listed in the CISA KEV catalog.

The strongest mitigations our analysis identified are NIST 800-53 SC-13 (Cryptographic Protection) and SC-8 (Transmission Confidentiality and Integrity).

Deeper analysis

CVE-2024-27256 is a cryptographic weakness in IBM MQ Container, specifically versions 3.0.0, 3.0.1, 3.1.0 through 3.1.3 CD, 2.0.0 LTS through 2.0.22 LTS, 2.4.0 through 2.4.8, 2.3.0 through 2.3.3, and 2.2.0 through 2.2.2. The issue stems from the use of weaker than expected cryptographic algorithms (CWE-327), which could enable decryption of highly sensitive information. It carries a CVSS v3.1 base score of 5.9 (AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N).

An unauthenticated attacker with network access could potentially exploit this vulnerability. Exploitation requires high attack complexity, with no privileges or user interaction needed. If successful, the attacker could achieve high-impact confidentiality loss by decrypting sensitive data, without impacting integrity or availability.

IBM provides details on mitigation in its security advisory at https://www.ibm.com/support/pages/node/7157667.

EU & UK References

Vulnerability details

IBM MQ Container 3.0.0, 3.0.1, 3.1.0 through 3.1.3 CD, 2.0.0 LTS through 2.0.22 LTS and 2.4.0 through 2.4.8, 2.3.0 through 2.3.3, 2.2.0 through 2.2.2 uses weaker than expected cryptographic algorithms that could allow an attacker to decrypt highly sensitive information.

CWE(s)

Related Threats

MITRE ATT&CK Enterprise TechniquesAI

T1190 Exploit Public-Facing Application Initial Access
Adversaries may attempt to exploit a weakness in an Internet-facing host or system to initially access a network.
T1552 Unsecured Credentials Credential Access
Adversaries may search compromised systems to find and obtain insecurely stored credentials.
Why these techniques?

Crypto weakness enables network-based decryption of sensitive data on public-facing MQ service (T1190) and directly facilitates access to unsecured credentials or secrets (T1552).

Confidence: MEDIUM · MITRE ATT&CK Enterprise v18.1

CVEs Like This One

CVE-2024-22347Same vendor: Ibm
CVE-2025-14480Same vendor: Ibm
CVE-2024-43178Same vendor: Ibm
CVE-2024-31896Same vendor: Ibm
CVE-2025-1719Same vendor: Ibm
CVE-2026-8633Same vendor: Ibm
CVE-2025-0159Same vendor: Ibm
CVE-2023-49886Same vendor: Ibm
CVE-2026-1343Same vendor: Ibm
CVE-2026-8620Same vendor: Ibm

Affected Assets

ibm
mq operator
3.0.0, 3.0.1 · 2.0.0 — 2.0.22 · 2.2.0 — 2.2.2 · 2.3.0 — 2.3.3
ibm
supplied mq advanced container images
9.2.0.1, 9.2.0.2, 9.2.0.4, 9.2.0.5, 9.2.0.6

Mitigating Controls

Mitigating Controls (NIST 800-53 r5) AI

prevent

SC-13 mandates the implementation of appropriate cryptographic mechanisms, directly preventing the use of weaker algorithms that allow decryption of sensitive information in IBM MQ Container.

prevent

SI-2 requires identification, reporting, and correction of system flaws such as this cryptographic weakness, enabling timely patching to mitigate the vulnerability.

prevent

SC-8 enforces confidentiality and integrity protections for transmitted information, requiring strong cryptographic algorithms to safeguard sensitive MQ messages from decryption attacks.

References