Lucene search

[email protected]NVD:CVE-2023-38737

HistoryAug 16, 2023 - 7:15 p.m.

CVE-2023-38737

2023-08-1619:15:09

CWE-20

CWE-400

[email protected]

web.nvd.nist.gov

ibm

websphere

denial of service

CVSS3

7.5

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

HIGH

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

AI Score

6.4

Confidence

High

EPSS

0.001

Percentile

46.0%

JSON

IBM WebSphere Application Server Liberty 22.0.0.13 through 23.0.0.7 is vulnerable to a denial of service, caused by sending a specially-crafted request. A remote attacker could exploit this vulnerability to cause the server to consume memory resources. IBM X-Force ID: 262567.

Affected configurations

Nvd

Node

ibmwebsphere_application_serverRange22.0.0.13–23.0.0.7liberty

VendorProductVersionCPE
ibmwebsphere_application_server*cpe:2.3:a:ibm:websphere_application_server:*:*:*:*:liberty:*:*:*

Vendor	Product	Version	CPE
ibm	websphere_application_server	*	cpe:2.3:a:ibm:websphere_application_server:::::liberty:::*

References

exchange.xforce.ibmcloud.com/vulnerabilities/262567

www.ibm.com/support/pages/node/7027509

CVSS3

7.5

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

HIGH

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

AI Score

6.4

Confidence

High

EPSS

0.001

Percentile

46.0%

JSON

Related for NVD:CVE-2023-38737

prion1 nessus1 ibm23 cvelist1 cve1