Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
ibmIBM427354E7280541AB1CB5DB5B21B2EEF23A780A143F654694F8F84BBAF675DE54
HistorySep 26, 2024 - 3:57 p.m.

Security Bulletin: Vulnerability in glibc affects IBM Integrated Analytics System [CVE-2023-5156]

2024-09-2615:57:40
www.ibm.com
2
ibm integrated analytics system
glibc
vulnerability fix
cve-2023-5156
denial of service

CVSS3

7.5

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

HIGH

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

AI Score

6.3

Confidence

High

JSON

Summary

Redhat provided glibc is used by IBM Integrated Analytics System. IBM Integrated Analytics System has addressed the applicable CVE [ CVE-2023-5156]

Vulnerability Details

CVEID:CVE-2023-5156
**DESCRIPTION:**GNU C Library (glibc) is vulnerable to a denial of service, caused by a memory leak in getaddrinfo.c. By sending a specially crafted request, a remote attacker could exploit this vulnerability to cause the application to crash.
CVSS Base score: 3.7
CVSS Temporal Score: See: https://exchange.xforce.ibmcloud.com/vulnerabilities/267194 for the current score.
CVSS Vector: (CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:L)

Affected Products and Versions

Affected Product(s) Version(s)
IBM Integrated Analytics System 1.0.0-1.0.28.2

Remediation/Fixes

Affected Product(s) VRMF Remediation/Fixes
IBM Integrated Analytics System 1.0.30.0 Link to Fix Central

Workarounds and Mitigations

None

Affected configurations

Vulners
Node
ibmsmart_analytics_system_7710Matchany
VendorProductVersionCPE
ibmsmart_analytics_system_7710anycpe:2.3:a:ibm:smart_analytics_system_7710:any:*:*:*:*:*:*:*

Related

cbl_mariner 2
cgr 1
osv 4
wolfi 1
nessus 17
redhatcve 1
prion 1
cvelist 1
nvd 1
ubuntucve 2
openvas 16
cve 1
debiancve 1
mageia 1
ubuntu 2
cloudfoundry 2
photon 2
fedora 3
gentoo 1
ibm 5
hp 2
oracle 1
ics 1
cbl_mariner
cbl_mariner
CVE-2023-5156 affecting package glibc for versions less than 2.38-6
2024-07-02 23:30:04
CVE-2023-5156 affecting package glibc for versions less than 2.35-6
2023-11-08 02:07:28
cgr
cgr
CVE-2023-5156 vulnerabilities
2024-05-19 03:07:16
osv
osv
CGA-vg2w-38fx-mjjj
2024-06-06 12:26:26
CVE-2023-5156
2023-09-25 16:15:15
glibc regression
2024-01-10 13:10:15
wolfi
wolfi
CVE-2023-5156 vulnerabilities
2024-09-28 03:12:03
nessus
nessus
Amazon Linux 2023 : compat-libpthread-nonshared, glibc, glibc-all-langpacks (ALAS2023-2023-407)
2023-11-04 00:00:00
Photon OS 4.0: Glibc PHSA-2023-4.0-0535
2024-07-24 00:00:00
CBL Mariner 2.0 Security Update: glibc (CVE-2023-5156)
2024-07-04 00:00:00
redhatcve
redhatcve
CVE-2023-5156
2023-09-25 07:54:46
prion
prion
Memory corruption
2023-09-25 16:15:00
cvelist
cvelist
CVE-2023-5156 Glibc: dos due to memory leak in getaddrinfo.c
2023-09-25 15:55:15
nvd
nvd
CVE-2023-5156
2023-09-25 16:15:15
ubuntucve
ubuntucve
CVE-2023-5156
2023-09-25 00:00:00
CVE-2023-4806
2023-09-18 00:00:00
openvas
openvas
Mageia: Security Advisory (MGASA-2023-0281)
2023-10-10 00:00:00
Huawei EulerOS: Security Advisory for glibc (EulerOS-SA-2023-3330)
2023-12-12 00:00:00
Huawei EulerOS: Security Advisory for glibc (EulerOS-SA-2024-1034)
2024-01-05 00:00:00
cve
cve
CVE-2023-5156
2023-09-25 16:15:15
debiancve
debiancve
CVE-2023-5156
2023-09-25 16:15:15
mageia
mageia
Updated glibc packages fix a security vulnerability
2023-10-03 13:53:29
ubuntu
ubuntu
GNU C Library regression
2024-01-10 00:00:00
GNU C Library vulnerabilities
2023-12-07 00:00:00
cloudfoundry
cloudfoundry
USN-6541-1: GNU C Library vulnerabilities | Cloud Foundry
2024-04-04 00:00:00
USN-6541-2: GNU C Library regression | Cloud Foundry
2024-02-29 00:00:00
photon
photon
Important Photon OS Security Update - PHSA-2023-4.0-0535
2023-12-24 00:00:00
Critical Photon OS Security Update - PHSA-2023-5.0-0110
2023-10-06 00:00:00
fedora
fedora
[SECURITY] Fedora 37 Update: glibc-2.36-14.fc37
2023-10-04 15:49:21
[SECURITY] Fedora 38 Update: glibc-2.37-10.fc38
2023-10-04 15:52:08
[SECURITY] Fedora 39 Update: glibc-2.38-6.fc39
2023-10-04 17:16:19
gentoo
gentoo
glibc: Multiple Vulnerabilities
2024-02-02 00:00:00
ibm
ibm
Security Bulletin: IBM Watson Speech Services Cartridge for IBM Cloud Pak for Data is vulnerable to multiple Operator package issues
2024-02-05 18:51:32
Security Bulletin: IBM QRadar Network Packet Capture includes components with multiple known vulnerabilities
2024-07-23 08:53:46
Security Bulletin: IBM Cloud Pak for Network Automation 2.6.4 fixes multiple security vulnerabilities
2023-12-15 14:31:02
hp
hp
HP ThinPro 8.1 SP 2 Security Updates
2024-04-12 00:00:00
HP ThinPro 8.0 SP 8 Security Updates
2024-03-01 00:00:00
oracle
oracle
Oracle Critical Patch Update Advisory - April 2024
2024-04-16 00:00:00
ics
ics
Siemens SIMATIC S7-1500 CPU 1518(F)-4 PN/DP MFP V3.1
2023-12-14 12:00:00

CVSS3

7.5

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

HIGH

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

AI Score

6.3

Confidence

High

JSON
Related for 427354E7280541AB1CB5DB5B21B2EEF23A780A143F654694F8F84BBAF675DE54
cbl_mariner2cgr1osv4wolfi1nessus17redhatcve1prion1cvelist1nvd1ubuntucve2openvas16cve1debiancve1mageia1ubuntu2cloudfoundry2photon2fedora3gentoo1ibm5hp2oracle1ics1