Lucene search
China National Vulnerability DatabaseCNVD-2023-20087HistoryMar 05, 2023 - 12:00 a.m.
IBM WebSphere Application Server Input Validation Error Vulnerability (CNVD-2023-20087)
2023-03-0500:00:00
China National Vulnerability Database
www.cnvd.org.cn
11
ibm
websphere
application server
input validation
vulnerability
http server
denial of service
remote attackers
error messages
0.001 Low
EPSS
Percentile
45.6%
IBM WebSphere Application Server (WAS) is an application server product from International Business Machines (IBM). The product is a platform for JavaEE and Web services applications and is the foundation of the IBM WebSphere software platform. IBM WebSphere Application Server HTTP Server version 8.5 has an input validation error vulnerability that stems from failure to properly handle incoming error messages, which can be exploited by remote attackers The vulnerability causes a denial of service through the use of specially crafted URLs.
| CPE | Name | Operator | Version |
|---|---|---|---|
| ibm ibm websphere application server | eq | 8.5 |
Related
nvd
nvd
CVE-2023-26281
2023-03-01 08:15:14
cve
cve
CVE-2023-26281
2023-03-01 08:15:14
ibm
ibm
prion
prion
Code injection
2023-03-01 08:15:00
nessus
nessus
IBM HTTP Server 8.5.5.22 < 8.5.5.24 DoS (6958522)
2023-10-19 00:00:00
cvelist
cvelist
CVE-2023-26281 IBM HTTP Server denial of service
2023-02-28 14:19:15