CVE-2024-27256
Published: 27 January 2025
Summary
CVE-2024-27256 is a medium-severity Use of a Broken or Risky Cryptographic Algorithm (CWE-327) vulnerability in Ibm Supplied Mq Advanced Container Images. Its CVSS base score is 5.9 (Medium).
Operationally, exploitation aligns with the MITRE ATT&CK technique Exploit Public-Facing Application (T1190); ranked at the 25.3th percentile by exploit likelihood (below the median); it is not currently listed in the CISA KEV catalog.
The strongest mitigations our analysis identified are NIST 800-53 SC-13 (Cryptographic Protection) and SC-8 (Transmission Confidentiality and Integrity).
Deeper analysis
CVE-2024-27256 is a cryptographic weakness in IBM MQ Container, specifically versions 3.0.0, 3.0.1, 3.1.0 through 3.1.3 CD, 2.0.0 LTS through 2.0.22 LTS, 2.4.0 through 2.4.8, 2.3.0 through 2.3.3, and 2.2.0 through 2.2.2. The issue stems from the use of weaker than expected cryptographic algorithms (CWE-327), which could enable decryption of highly sensitive information. It carries a CVSS v3.1 base score of 5.9 (AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N).
An unauthenticated attacker with network access could potentially exploit this vulnerability. Exploitation requires high attack complexity, with no privileges or user interaction needed. If successful, the attacker could achieve high-impact confidentiality loss by decrypting sensitive data, without impacting integrity or availability.
IBM provides details on mitigation in its security advisory at https://www.ibm.com/support/pages/node/7157667.
EU & UK References
- 🇪🇺 ENISA EUVD: EUVD-2024-24495
Vulnerability details
IBM MQ Container 3.0.0, 3.0.1, 3.1.0 through 3.1.3 CD, 2.0.0 LTS through 2.0.22 LTS and 2.4.0 through 2.4.8, 2.3.0 through 2.3.3, 2.2.0 through 2.2.2 uses weaker than expected cryptographic algorithms that could allow an attacker to decrypt highly sensitive information.
- CWE(s)
Related Threats
MITRE ATT&CK Enterprise TechniquesAI
Why these techniques?
Crypto weakness enables network-based decryption of sensitive data on public-facing MQ service (T1190) and directly facilitates access to unsecured credentials or secrets (T1552).
CVEs Like This One
Affected Assets
Mitigating Controls
Mitigating Controls (NIST 800-53 r5) AI
SC-13 mandates the implementation of appropriate cryptographic mechanisms, directly preventing the use of weaker algorithms that allow decryption of sensitive information in IBM MQ Container.
SI-2 requires identification, reporting, and correction of system flaws such as this cryptographic weakness, enabling timely patching to mitigate the vulnerability.
SC-8 enforces confidentiality and integrity protections for transmitted information, requiring strong cryptographic algorithms to safeguard sensitive MQ messages from decryption attacks.