Lucene search

IBM23F2C23824AB21B79C94EC1281B723AEA36AFC05E1336E8E3CE4688F488F3AF6

HistoryApr 26, 2024 - 8:18 a.m.

Security Bulletin: WebSphere Application Server traditional could provide weaker than expected security for outbound SSL connections (CVE-2023-50313 )

2024-04-2608:18:20

www.ibm.com

websphere application server

ibm tivoli system automation application manager

security bulletin

outbound ssl connections

cve-2023-50313

remediation

fixes

6.5 Medium

CVSS3

Attack Vector

ADJACENT

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

NONE

Availability Impact

NONE

CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N

6.3 Medium

AI Score

Confidence

High

0.0004 Low

EPSS

Percentile

15.5%

JSON

Summary

WebSphere Application Server is shipped with IBM Tivoli System Automation Application Manager. Information about a security vulnerability affecting WebSphere Application Server has been published in a security bulletin.

Vulnerability Details

Refer to the security bulletin(s) listed in the Remediation/Fixes section

Affected Products and Versions

Affected Product(s)	Version(s)
IBM Tivoli System Automation Application Manager	4.1

Remediation/Fixes

Principal Product and Version(s)	Affected Supporting Product and Version	Affected Supporting Product Security Bulletin
IBM Tivoli System Automation Application Manager 4.1	WebSphere Application Server 8.5	WebSphere Application Server traditional could provide weaker than expected security for outbound SSL connections (CVE-2023-50313)
IBM Tivoli System Automation Application Manager 4.1	WebSphere Application Server 9.0	WebSphere Application Server traditional could provide weaker than expected security for outbound SSL connections (CVE-2023-50313)

Workarounds and Mitigations

None

Affected configurations

Vulners

Node

ibmtivoli_service_automation_managerMatch4.1

CPENameOperatorVersion
tivoli system automation application managereq4.1

CPE	Name	Operator	Version
	tivoli system automation application manager	eq	4.1

6.5 Medium

CVSS3

Attack Vector

ADJACENT

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

NONE

Availability Impact

NONE

CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N

6.3 Medium

AI Score

Confidence

High

0.0004 Low

EPSS

Percentile

15.5%

JSON

Related for 23F2C23824AB21B79C94EC1281B723AEA36AFC05E1336E8E3CE4688F488F3AF6