7.5 High
CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
NONE
Integrity Impact
NONE
Availability Impact
HIGH
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
0.001 Low
EPSS
Percentile
45.6%
WebSphere Application Server Traditional is shipped as a component of IBM Business Automation Workflow. WebSphere Application Server Liberty is shipped as part of the optional components Process Federation Server (since 8.5.6), and User Management Service (since 18.0.0.1) in IBM Business Automation Workflow. Information about security vulnerabilities in IBM HTTP Server affecting IBM WebSphere Application Server Traditional and IBM WebSphere Application Server Liberty have been published.
Refer to the security bulletin(s) listed in the Remediation/Fixes section
Affected Product(s) | Version(s) | Status |
---|---|---|
IBM Business Automation Workflow traditional | V22.0.1 - V22.0.2 | |
V21.0.1 - V21.0.3.1 | ||
V20.0.0.1 - V20.0.0.2 | ||
V19.0.0.1 - V19.0.0.3 | ||
earlier unsupported versions | affected | |
IBM Business Automation Workflow containers | V22.0.1 - V22.0.2 | |
V21.0.1 - V21.0.3 | ||
V20.0.0.1 - V20.0.0.2 | not affected |
Please consult the Security Bulletin: IBM HTTP Server is vulnerable to a denial of service (CVE-2023-26281) for vulnerability details and information about fixes.
None
7.5 High
CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
NONE
Integrity Impact
NONE
Availability Impact
HIGH
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
0.001 Low
EPSS
Percentile
45.6%