Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
ibmIBMC32DCB92F7389A924E50ADFCBA18ACBE0D59A3FAE9D75DB8463674F2BE920453
HistoryAug 11, 2023 - 3:08 p.m.

Security Bulletin: IBM TXSeries for Multiplatforms Web Services is vulnerable to Slowloris attack which is a type of denial-of-service (DoS)

2023-08-1115:08:48
www.ibm.com
15
ibm
txseries
multiplatforms
web services
slowloris attack
denial of service
vulnerability
cve-2023-38741
cvss
remediation
fixes
linux
aix
windows
hp

7.5 High

CVSS3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

HIGH

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

0.001 Low

EPSS

Percentile

23.6%

JSON

Summary

IBM TXSeries for Multiplatforms Web Services is vulnerable to Slowloris attack which is a type of denial-of-service (DoS). This issue has been addressed.

Vulnerability Details

CVEID:CVE-2023-38741
**DESCRIPTION:**IBM TXSeries for Multiplatforms is vulnerable to a denial of service, caused by improper enforcement of the timeout on individual read operations. By conducting a slowloris-type attacks, a remote attacker could exploit this vulnerability to cause a denial of service.
CVSS Base score: 7.5
CVSS Temporal Score: See: https://exchange.xforce.ibmcloud.com/vulnerabilities/262905 for the current score.
CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H)

Affected Products and Versions

Affected Product(s) Version(s)
IBM TXSeries for Multiplatforms 8.1
IBM TXSeries for Multiplatforms 8.2
IBM TXSeries for Multiplatforms 9.1

Remediation/Fixes

Product Version Platform Remediation/Fix
IBM TXSeries for Multiplatforms

8.1

| Linux, AIX| Please follow the recommendations here
IBM TXSeries for Multiplatforms|

8.2

| Linux, AIX, Windows, HP| Please follow the recommendations here
IBM TXSeries for Multiplatforms|

9.1

| Linux, AIX| Please follow the recommendations here

Workarounds and Mitigations

None

Affected configurations

Vulners
Node
ibmtxseries_for_multiplatformsMatch8.1
OR
ibmtxseries_for_multiplatformsMatch8.2
OR
ibmtxseries_for_multiplatformsMatch9.1

Related

cvelist 1
nvd 1
prion 1
cve 1
cnvd 1
cvelist
cvelist
CVE-2023-38741 IBM TXSeries for Multiplatforms denial of service
2023-08-14 17:19:00
nvd
nvd
CVE-2023-38741
2023-08-14 18:15:11
prion
prion
Design/Logic Flaw
2023-08-14 18:15:00
cve
cve
CVE-2023-38741
2023-08-14 18:15:11
cnvd
cnvd
IBM TXSeries for Multiplatforms Denial of Service Vulnerability
2023-08-16 00:00:00

7.5 High

CVSS3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

HIGH

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

0.001 Low

EPSS

Percentile

23.6%

JSON
Related for C32DCB92F7389A924E50ADFCBA18ACBE0D59A3FAE9D75DB8463674F2BE920453
cvelist1nvd1prion1cve1cnvd1