Lucene search

K
ibmIBMFAFDD5F74CE6FCCB94CD4FB8F4FF974ECA98AB546E66799B87DEDE93B1B57A46
HistoryFeb 09, 2023 - 5:05 a.m.

Security Bulletin: IBM Tivoli Composite Application Manager for Application Diagnostics Installed WebSphere Application Server traditional is vulnerable to a remote code execution vulnerability

2023-02-0905:05:13
www.ibm.com
10

9.8 High

CVSS3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

0.004 Low

EPSS

Percentile

73.6%

Summary

The security issue described in CVE-2023-23477 has been identified in the WebSphere Application Server traditional included as part of IBM Tivoli Composite Application Manager for Application Diagnostics

Vulnerability Details

Refer to the security bulletin(s) listed in the Remediation/Fixes section

Affected Products and Versions

Affected Product(s) Version(s)
Tivoli Composite Application Manager for Application Diagnostics 7.1.0

Remediation/Fixes

Follow the WebSphere security bulletin, <https://www.ibm.com/support/pages/node/6891111&gt; to update WebSphere Application Servers.

Workarounds and Mitigations

None

Affected configurations

Vulners
Node
ibmtivoli_composite_application_manager_for_wesbsphereMatch7.1.0

9.8 High

CVSS3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

0.004 Low

EPSS

Percentile

73.6%

Related for FAFDD5F74CE6FCCB94CD4FB8F4FF974ECA98AB546E66799B87DEDE93B1B57A46