Lucene search

IBMFAFDD5F74CE6FCCB94CD4FB8F4FF974ECA98AB546E66799B87DEDE93B1B57A46

HistoryFeb 09, 2023 - 5:05 a.m.

Security Bulletin: IBM Tivoli Composite Application Manager for Application Diagnostics Installed WebSphere Application Server traditional is vulnerable to a remote code execution vulnerability

2023-02-0905:05:13

www.ibm.com

ibm tivoli

application diagnostics

websphere

remote code execution

vulnerability

security bulletin

CVSS3

9.8

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

EPSS

0.003

Percentile

72.1%

JSON

Summary

The security issue described in CVE-2023-23477 has been identified in the WebSphere Application Server traditional included as part of IBM Tivoli Composite Application Manager for Application Diagnostics

Vulnerability Details

Refer to the security bulletin(s) listed in the Remediation/Fixes section

Affected Products and Versions

Affected Product(s)	Version(s)
Tivoli Composite Application Manager for Application Diagnostics	7.1.0

Remediation/Fixes

Follow the WebSphere security bulletin, <https://www.ibm.com/support/pages/node/6891111> to update WebSphere Application Servers.

Workarounds and Mitigations

None

Affected configurations

Vulners

Node

ibmtivoli_composite_application_manager_for_wesbsphereMatch7.1.0

CVSS3

9.8

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

EPSS

0.003

Percentile

72.1%

JSON

Related for FAFDD5F74CE6FCCB94CD4FB8F4FF974ECA98AB546E66799B87DEDE93B1B57A46