Lucene search
IbmCVELIST:CVE-2023-46158HistoryOct 25, 2023 - 2:56 a.m.
CVE-2023-46158 IBM WebSphere Application Server session fixation
2023-10-2502:56:20
CWE-613
ibm
www.cve.org
2
ibm
websphere
server
security
improper handling
resource expiration
x-force id
4.9 Medium
CVSS3
Attack Vector
LOCAL
Attack Complexity
HIGH
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
LOW
Integrity Impact
LOW
Availability Impact
LOW
CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:L
9 High
AI Score
Confidence
High
0.001 Low
EPSS
Percentile
32.0%
IBM WebSphere Application Server Liberty 23.0.0.9 through 23.0.0.10 could provide weaker than expected security due to improper resource expiration handling. IBM X-Force ID: 268775.
CNA Affected
[
{
"defaultStatus": "unaffected",
"product": "WebSphere Application Server Liberty",
"vendor": "IBM",
"versions": [
{
"status": "affected",
"version": "23.0.0.9, 23.0.0.10"
}
]
}
]Related
ibm
ibm
nvd
nvd
CVE-2023-46158
2023-10-25 18:17:37
nessus
nessus
prion
prion
Design/Logic Flaw
2023-10-25 18:17:00
cnvd
cnvd
cve
cve
CVE-2023-46158
2023-10-25 18:17:37
4.9 Medium
CVSS3
Attack Vector
LOCAL
Attack Complexity
HIGH
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
LOW
Integrity Impact
LOW
Availability Impact
LOW
CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:L
9 High
AI Score
Confidence
High
0.001 Low
EPSS
Percentile
32.0%
Related for CVELIST:CVE-2023-46158