CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
AI Score
Confidence
High
EPSS
Percentile
37.9%
IBM WebSphere Application Server Liberty could provide weaker than expected security. Following IBM® Engineering Lifecycle Engineering products are vulnerable to this attack, it has been addressed in this bulletin: IBM Engineering Workflow Management, Jazz Foundation, Global Configuration Management, IBM Engineering Requirements Management DOORS Next
Refer to the security bulletin(s) listed in the Remediation/Fixes section
Versions
Affected Product(s) | Version(s) |
---|---|
IBM Engineering Requirements Management DOORS Next | 7.0.2, 7.0.3 |
IBM Engineering Workflow Management | |
Global Configuration Management | |
Jazz Foundation |
CVE-2023-46158 may affect above mentioned The IBM® Engineering Lifecycle Engineering products which has features: appSecurity-1.0, appSecurity-2.0, appSecurity-3.0, appSecurity-4.0 or appSecurity-5.0
This affects WebSphere Application Liberty versions 23.0.0.9 and 23.0.0.10
Please follow the instruction given in the following article.
Link: <https://www.ibm.com/support/pages/node/7058356>
None
Vendor | Product | Version | CPE |
---|---|---|---|
ibm | ibm_engineering_lifecycle_management_base | 7.0.2 | cpe:2.3:a:ibm:ibm_engineering_lifecycle_management_base:7.0.2:*:*:*:*:*:*:* |
ibm | ibm_engineering_lifecycle_management_base | 7.0.3 | cpe:2.3:a:ibm:ibm_engineering_lifecycle_management_base:7.0.3:*:*:*:*:*:*:* |
CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
AI Score
Confidence
High
EPSS
Percentile
37.9%