CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
NONE
Integrity Impact
NONE
Availability Impact
HIGH
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
EPSS
Percentile
91.2%
IBM Watson Explorer contains a vulnerable version of IBM WebSphere Application Server Liberty.
CVEID:CVE-2023-24998
**DESCRIPTION:**Apache Commons FileUpload and Tomcat are vulnerable to a denial of service, caused by not limit the number of request parts to be processed in the file upload function. By sending a specially-crafted request with series of uploads, a remote attacker could exploit this vulnerability to cause a denial of service condition.
CVSS Base score: 7.5
CVSS Temporal Score: See: https://exchange.xforce.ibmcloud.com/vulnerabilities/247895 for the current score.
CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H)
Affected Product(s) | Version(s) |
---|---|
IBM Watson Explorer DAE | |
oneWEX Components |
12.0.0.0, 12.0.0.1
12.0.1,
12.0.2.0 - 12.0.2.2,
12.0.3.0 - 12.0.3.11
IBM Watson Explorer DAE Analytical Components|
12.0.0.0, 12.0.0.1
12.0.1,
12.0.2.0 - 12.0.2.2,
12.0.3.0 - 12.0.3.11
IBM Watson Explorer DAE Foundational Components|
12.0.0.0, 12.0.0.1
12.0.1,
12.0.2.0 - 12.0.2.2,
12.0.3.0 - 12.0.3.11
IBM Watson Explorer Analytical Components| 11.0.0.0 - 11.0.0.3,
11.0.1,
11.0.2.0 - 11.0.2.15
IBM Watson Explorer Foundational Components| 11.0.0.0 - 11.0.0.3,
11.0.1,
11.0.2.0 - 11.0.2.15
Affected Product | Affected Versions | Fix |
---|---|---|
IBM Watson Explorer DAE | ||
oneWEX Components |
12.0.0.0, 12.0.0.1
12.0.1,
12.0.2.0 - 12.0.2.2,
12.0.3.0 - 12.0.3.11
|
Upgrade to Version 12.0.3.12.
See Watson Explorer Version 12.0.3.12 oneWEX for download information and instructions.
12.0.0.0, 12.0.0.1
12.0.1,
12.0.2.0 - 12.0.2.2,
12.0.3.0 - 12.0.3.11
|
Upgrade to Version 12.0.3.12.
See Watson Explorer Version 12.0.3.12 Analytical Components for download information and instructions.
12.0.0.0, 12.0.0.1
12.0.1,
12.0.2.0 - 12.0.2.2,
12.0.3.0 - 12.0.3.11
|
Upgrade to Version 12.0.3.12.
See Watson Explorer Version 12.0.3.12 Foundational Components for download information and instructions.
11.0.0.0 - 11.0.0.3,
11.0.1,
11.0.2.0 - 11.0.2.15
|
Upgrade to Watson Explorer Analytical Components Version 11.0.2 Fix Pack 16. For information about this version, and links to the software and release notes, see the download document. For information about upgrading, see the upgrade procedures.
11.0.0.0 - 11.0.0.3,
11.0.1,
11.0.2.0 - 11.0.2.15
|
Upgrade to Watson Explorer Foundational Components Version 11.0.2 Fix Pack 16. For information about this version, and links to the software and release notes, see the download document. For information about upgrading, see the upgrade procedures.
None
CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
NONE
Integrity Impact
NONE
Availability Impact
HIGH
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
EPSS
Percentile
91.2%