Lucene search
China National Vulnerability DatabaseCNVD-2023-11696HistoryFeb 09, 2023 - 12:00 a.m.
IBM WebSphere Application Server encryption problem vulnerability
2023-02-0900:00:00
China National Vulnerability Database
www.cnvd.org.cn
11
ibm
websphere
application server
encryption
vulnerability
javaee
web services
ibm websphere software platform
8.5
9.0
encryption keys
attacker
sensitive information
cnvd
0.001 Low
EPSS
Percentile
44.7%
IBM WebSphere Application Server (WAS) is an application server product from International Business Machines (IBM). The product is a platform for JavaEE and Web services applications and is the foundation of the IBM WebSphere software platform. IBM WebSphere Application Server versions 8.5 and 9.0 have an encryption problem vulnerability that stems from the use of weaker than expected encryption keys, which could be exploited by an attacker to decrypt sensitive information.
| CPE | Name | Operator | Version |
|---|---|---|---|
| ibm websphere application server | eq | 8.5 | |
| ibm websphere application server | eq | 9.0 |
Related
ibm
ibm
nvd
nvd
CVE-2022-43917
2023-01-26 21:17:49
cve
cve
CVE-2022-43917
2023-01-26 21:17:49
prion
prion
Code injection
2023-01-26 21:17:00
cvelist
cvelist
CVE-2022-43917 IBM WebSphere Application Server information disclosure
2023-01-25 17:17:35