CVE-2024-51461: 
IBM WinCollect vulnerability analysis and mitigation

IBM QRadar WinCollect Agent versions 10.0 through 10.1.13 contain a vulnerability that could allow a remote attacker to cause a denial of service. The vulnerability was assigned CVE-2024-51461 and was disclosed on April 10, 2025. The affected component is the WinCollect Agent, which is part of IBM's QRadar security information and event management (SIEM) solution (IBM Bulletin).

The vulnerability is related to resource allocation without proper limits or throttling (CWE-770). It can be exploited by interrupting an HTTP request, which could lead to memory resource consumption. The vulnerability has been assigned a CVSS v3.1 base score of 4.3 (Medium) with the vector string CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L, indicating that it requires user interaction and can be exploited remotely without authentication (IBM Bulletin).

If successfully exploited, this vulnerability could allow an attacker to cause a denial of service condition by consuming memory resources through interrupted HTTP requests. The impact is limited to availability, with no direct effect on confidentiality or integrity of the system (IBM Bulletin).

IBM has released WinCollect standalone agent version 10.1.14 to address this vulnerability. Users are recommended to upgrade their systems promptly to this version. The update is available for both 32-bit and 64-bit systems. No alternative workarounds or mitigations have been provided (IBM Bulletin).