CVE-2024-27267 MEDIUM

CVE-2024-27267: IBM SDK, Java Technology Edition denial of service

Vendor Ibm

Product SDK, Java Technology Edition

Weakness CWE-362

Published August 14, 2024

Last update September 29, 2025

View on NVD All CVEs

CVSS base score

5.9/10

Attack vector Network

Attack complexity High

Privileges required None

User interaction None

Confidentiality None

Integrity None

CVSS vector

CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H

What the vulnerability does

Description

The Object Request Broker (ORB) in IBM SDK, Java Technology Edition 7.1.0.0 through 7.1.5.18 and 8.0.0.0 through 8.0.8.26 is vulnerable to remote denial of service, caused by a race condition in the management of ORB listener threads.

Key dates

Disclosure timeline

August 14, 2024 CVE published

September 29, 2025 Record updated

Identifiers

CVE CVE-2024-27267

CWE CWE-362

CVSS 5.9 / MEDIUM

Affected versions

Vendor Ibm

Product SDK, Java Technology Edition

Affected ≥ 7.1.0.0 and ≤ 7.1.5.18

Vendor Ibm

Product SDK, Java Technology Edition

Affected ≥ 8.0.0.0 and ≤ 8.0.8.26