Lucene search

IBME47EBC5A42BEB666D416A50615A4651BA8BA0C876A3D62039A5CD1D99F6929EE

HistoryApr 10, 2024 - 2:21 p.m.

Security Bulletin: A security vulnerability has been identified in IBM WebSphere Application Server shipped with IBM WebSphere Remote Server CVE-2023-51775

2024-04-1014:21:33

www.ibm.com

ibm websphere remote server

ibm websphere application server

vulnerability

cve-2023-51775

security bulletin

denial of service

6.9 Medium

AI Score

Confidence

High

0.0004 Low

EPSS

Percentile

9.1%

JSON

Summary

IBM WebSphere Application Server is shipped with IBM WebSphere Remote Server. Information about a security vulnerability affecting IBM WebSphere Application Server has been published in a security bulletin.

Vulnerability Details

Refer to the security bulletin(s) listed in the Remediation/Fixes section

Affected Products and Versions

Affected Product(s)	Version(s)
IBM WebSphere Remote Server	9.0, 8.5

Remediation/Fixes

IBM strongly recommends addressing the vulnerability now. Refer to the following security bulletins for vulnerability details and information about fixes addressed by WebSphere Application which is shipped with IBM WebSphere Remote Server.

Principal Product and Version(s)

Affected Supporting Product and Version

Affected Supporting Product Security Bulletin

—|—|—

IBM WebSphere Remote Server 9.0, 8.5

WebSphere Application 9.0, 8.5

IBM WebSphere Application Server and IBM WebSphere Application Server Liberty are vulnerable to a denial of service due to jose4j (CVE-2023-51775)

Workarounds and Mitigations

None

Affected configurations

Vulners

Node

ibmwebsphere_application_serverMatch9.0

ibmwebsphere_application_serverMatch8.5

CPENameOperatorVersion
ibm websphere remote servereq9.0
ibm websphere remote servereq8.5

CPE	Name	Operator	Version
	ibm websphere remote server	eq	9.0
	ibm websphere remote server	eq	8.5