Lucene search

K
cve[email protected]CVE-2023-28513
HistoryJul 19, 2023 - 2:15 a.m.

CVE-2023-28513

2023-07-1902:15:09
CWE-20
web.nvd.nist.gov
121
ibm
mq
9.0
9.1
9.2
9.3
lts
cd
appliance
dos
vulnerability
x-force
250397
nvd

7.5 High

CVSS3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

HIGH

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

7.1 High

AI Score

Confidence

High

0.001 Low

EPSS

Percentile

51.2%

IBM MQ 9.0 LTS, 9.1 LTS, 9.2 LTS, 9.3 LTS, 9.2 CD, and 9.3 CD and IBM MQ Appliance 9.2 LTS, 9.3 LTS, 9.2 CD, and 9.2 LTS, under certain configurations, is vulnerable to a denial of service attack caused by an error processing messages. IBM X-Force ID: 250397.

Affected configurations

Vulners
NVD
Node
ibmmqMatch9.0lts
OR
ibmmqMatch9.1lts
OR
ibmmqMatch9.2lts
OR
ibmmqMatch9.3lts
OR
ibmmqMatch9.2continuous_delivery
OR
ibmmqMatch9.3continuous_delivery
OR
ibmmq_applianceMatch9.2lts
OR
ibmmq_applianceMatch9.3lts
OR
ibmmq_applianceMatch9.2continuous_delivery
OR
ibmmq_applianceMatch9.2lts
VendorProductVersionCPE
ibmmq9.0cpe:2.3:a:ibm:mq:9.0:*:*:*:lts:*:*:*
ibmmq9.1cpe:2.3:a:ibm:mq:9.1:*:*:*:lts:*:*:*
ibmmq9.2cpe:2.3:a:ibm:mq:9.2:*:*:*:lts:*:*:*
ibmmq9.3cpe:2.3:a:ibm:mq:9.3:*:*:*:lts:*:*:*
ibmmq9.2cpe:2.3:a:ibm:mq:9.2:*:*:*:continuous_delivery:*:*:*
ibmmq9.3cpe:2.3:a:ibm:mq:9.3:*:*:*:continuous_delivery:*:*:*
ibmmq_appliance9.2cpe:2.3:a:ibm:mq_appliance:9.2:*:*:*:lts:*:*:*
ibmmq_appliance9.3cpe:2.3:a:ibm:mq_appliance:9.3:*:*:*:lts:*:*:*
ibmmq_appliance9.2cpe:2.3:a:ibm:mq_appliance:9.2:*:*:*:continuous_delivery:*:*:*
ibmmq_appliance9.2cpe:2.3:a:ibm:mq_appliance:9.2:*:*:*:lts:*:*:*

CNA Affected

[
  {
    "defaultStatus": "unaffected",
    "product": "MQ",
    "vendor": "IBM",
    "versions": [
      {
        "status": "affected",
        "version": "9.0 LTS, 9.1 LTS, 9.2 LTS, 9.3 LTS, 9.2 CD, 9.3 CD"
      }
    ]
  },
  {
    "defaultStatus": "unaffected",
    "product": "MQ Appliance",
    "vendor": "IBM",
    "versions": [
      {
        "status": "affected",
        "version": "9.2 LTS, 9.3 LTS, 9.2 CD, 9.2 LTS"
      }
    ]
  }
]

7.5 High

CVSS3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

HIGH

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

7.1 High

AI Score

Confidence

High

0.001 Low

EPSS

Percentile

51.2%

Related for CVE-2023-28513