Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
cve[email protected]CVE-2024-22353
HistoryMar 31, 2024 - 12:15 p.m.

CVE-2024-22353

2024-03-3112:15:50
CWE-770
[email protected]
web.nvd.nist.gov
61
ibm
websphere
application server
memory consumption
vulnerability
remote attacker
denial of service
crafted request
ibm x-force

7.5 High

CVSS3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

HIGH

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

7.4 High

AI Score

Confidence

High

5 Medium

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:N/I:N/A:P

0.0004 Low

EPSS

Percentile

12.5%

JSON

IBM WebSphere Application Server Liberty 17.0.0.3 through 24.0.0.4 is vulnerable to a denial of service, caused by sending a specially crafted request. A remote attacker could exploit this vulnerability to cause the server to consume memory resources. IBM X-Force ID: 280400.

VendorProductVersionCPE
ibmwebsphere_application_server_liberty*cpe:2.3:a:ibm:websphere_application_server_liberty:*:*:*:*:*:*:*:*

Related

nessus 1
ibm 5
cnvd 1
cvelist 1
nessus
nessus
IBM WebSphere Application Server Liberty 17.0.0.3 < 24.0.0.5 DoS (7145365)
2024-03-27 00:00:00
ibm
ibm
Security Bulletin: The IBM® Engineering Lifecycle Engineering product using IBM WebSphere Application Server Liberty is vulnerable to a denial of service (CVE-2024-22353)
2024-05-08 06:02:03
Security Bulletin: IBM WebSphere Application Server Liberty, which is bundled with IBM WebSphere Hybrid Edition, is vulnerable to a denial of service (CVE-2024-22353)
2024-04-03 19:37:54
Security Bulletin: IBM WebSphere Application Server Liberty, which is bundled with IBM Cloud Pak for Applications, is vulnerable to a denial of service (CVE-2024-22353)
2024-04-03 20:53:47
cnvd
cnvd
IBM WebSphere Application Server Liberty Resource Management Error Vulnerability (CNVD-2024-18059)
2024-04-02 00:00:00
cvelist
cvelist
CVE-2024-22353 IBM WebSphere Application Server Liberty denial of service
2024-03-31 11:43:14

7.5 High

CVSS3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

HIGH

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

7.4 High

AI Score

Confidence

High

5 Medium

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:N/I:N/A:P

0.0004 Low

EPSS

Percentile

12.5%

JSON
Related for CVE-2024-22353
nessus1ibm5cnvd1cvelist1