Lucene search
IbmCVELIST:CVE-2023-35890HistoryJul 07, 2023 - 2:13 a.m.
CVE-2023-35890 IBM WebSphere Application Server information disclosure
2023-07-0702:13:23
CWE-327
ibm
www.cve.org
1
ibm
websphere
security
information disclosure
x-force id
configuration file
encoding
5.1 Medium
CVSS3
Attack Vector
LOCAL
Attack Complexity
HIGH
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
NONE
Availability Impact
NONE
CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N
0.0004 Low
EPSS
Percentile
5.1%
IBM WebSphere Application Server 8.5 and 9.0 could provide weaker than expected security, caused by the improper encoding in a local configuration file. IBM X-Force ID: 258637.
CNA Affected
[
{
"defaultStatus": "unaffected",
"product": "WebSphere Application Server",
"vendor": "IBM",
"versions": [
{
"status": "affected",
"version": "8.5, 9.0"
}
]
}
]Related
ibm
ibm
Security Bulletin: Security vulnerability has been identified in WebSphere Application Server shipped with WebSphere Service Registry and Repository (CVE-2023-35890)
2023-06-29 14:41:42
cve
cve
CVE-2023-35890
2023-07-07 03:15:09
prion
prion
Design/Logic Flaw
2023-07-07 03:15:00
nvd
nvd
CVE-2023-35890
2023-07-07 03:15:09
nessus
nessus
5.1 Medium
CVSS3
Attack Vector
LOCAL
Attack Complexity
HIGH
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
NONE
Availability Impact
NONE
CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N
0.0004 Low
EPSS
Percentile
5.1%
Related for CVELIST:CVE-2023-35890