CVE-2024-51476
Published: 06 March 2025
Summary
CVE-2024-51476 is a high-severity Improper Restriction of Excessive Authentication Attempts (CWE-307) vulnerability in IBM Concert Software. Its CVSS base score is 7.5 (High).
Operationally, exploitation aligns with the MITRE ATT&CK technique Brute Force (T1110). It is ranked at the 26.0th percentile by exploit likelihood (below the median) and is not currently listed in the CISA KEV catalog.
The strongest mitigations our analysis identified are NIST 800-53 AC-7 (Unsuccessful Logon Attempts) and AU-12 (Audit Record Generation).
Threat & Defense Details
Mitigating Controls (NIST 800-53 r5)
- AC-7 (Unsuccessful Logon Attempts): directly addresses the CVE by requiring limits on consecutive unsuccessful logon attempts and account lockout to prevent brute force credential attacks.
- Ensures secure configuration settings are established and implemented, including adequate account lockout thresholds to mitigate the inadequate setting in IBM Concert Software.
- AU-12 (Audit Record Generation): generates audit records for unsuccessful logon attempts, allowing detection of ongoing brute force attacks against account credentials.
MITRE ATT&CK Enterprise Techniques
Why these techniques?
Inadequate account lockout directly enables online brute force via repeated authentication attempts (T1110 Brute Force, specifically T1110.001 Password Guessing) to obtain valid credentials.
NVD Description
IBM Concert Software 1.0.5 uses an inadequate account lockout setting that could allow a remote attacker to brute force account credentials.
Deeper analysis
CVE-2024-51476 is a vulnerability in IBM Concert Software version 1.0.5 stemming from an inadequate account lockout setting. This flaw, classified under CWE-307 (Improper Restriction of Excessive Authentication Attempts), enables brute force attacks against account credentials. The issue carries a CVSS v3.1 base score of 7.5 (AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N), highlighting its high severity due to network accessibility, low attack complexity, and significant confidentiality impact.
A remote attacker requires no privileges or user interaction to exploit this vulnerability over the network. By repeatedly attempting authentication without effective lockout enforcement, the attacker can brute force credentials, potentially gaining unauthorized access to accounts and exposing sensitive data, consistent with the high confidentiality impact.
IBM provides details on the vulnerability, including mitigation recommendations, in their security advisory at https://www.ibm.com/support/pages/node/7184961.
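The following is an added illustration, not IBM's code or the advisory's content, of what the AC-7 and AU-12 controls above look like when enforced at the authentication layer: a per-account failure counter with a time window and lockout, plus an audit record for every decision. The threshold, window and lockout values, the account name and the source addresses are constructed for the demo; `run_demo` also shows the CWE-307 behaviour by running the same attempt stream with an effectively unlimited threshold.

```python
from collections import defaultdict, deque

# Hypothetical policy values for illustration (not IBM's actual settings):
# lock an account after 5 failures within 15 minutes, for 30 minutes.
MAX_FAILURES = 5
FAILURE_WINDOW = 900
LOCKOUT_DURATION = 1800


class LockoutGuard:
    """Tracks failed logons per account (AC-7) and emits audit records (AU-12)."""

    def __init__(self, max_failures=MAX_FAILURES, window=FAILURE_WINDOW,
                 lockout=LOCKOUT_DURATION):
        self.max_failures = max_failures
        self.window = window
        self.lockout = lockout
        self.failures = defaultdict(deque)  # account -> timestamps of recent failures
        self.locked_until = {}              # account -> epoch second the lock expires
        self.audit = []                     # one record per decision

    def _log(self, outcome, account, ts, src):
        self.audit.append({"ts": ts, "account": account, "src": src, "outcome": outcome})

    def attempt(self, account, password_ok, ts, src):
        """Return 'allowed', 'denied' or 'locked' for one logon attempt."""
        if ts < self.locked_until.get(account, 0):
            # A locked account is refused even on a correct password, so a
            # guesser learns nothing from a rejection during the lockout.
            self._log("locked", account, ts, src)
            return "locked"
        recent = self.failures[account]
        while recent and ts - recent[0] > self.window:
            recent.popleft()                # forget failures outside the window
        if password_ok:
            recent.clear()
            self._log("success", account, ts, src)
            return "allowed"
        recent.append(ts)
        self._log("failure", account, ts, src)
        if len(recent) >= self.max_failures:
            self.locked_until[account] = ts + self.lockout
            self._log("lockout", account, ts, src)
            return "locked"
        return "denied"


def run_demo(max_failures=MAX_FAILURES):
    """Constructed stream: five wrong guesses, the right password while locked, then a retry after expiry."""
    guard = LockoutGuard(max_failures=max_failures)
    stream = [("alice", False, t, "198.51.100.7") for t in range(5)]
    stream.append(("alice", True, 5, "198.51.100.7"))
    stream.append(("alice", True, 5 + LOCKOUT_DURATION, "203.0.113.9"))
    return [guard.attempt(*e) for e in stream], guard.audit
```

With the constructed policy the correct password at second 5 is refused and only the retry after the lockout expires succeeds; with an effectively unlimited threshold (the inadequate-setting case) the sixth attempt is accepted immediately, which is the condition the CVE describes.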
Details
- CWE(s)