Lucene search
HistoryApr 02, 2024 - 1:15 p.m.
CVE-2023-50313
ibm
websphere
tls
weak
security
cve-2023-50313
CVSS3
6.5
Attack Vector
ADJACENT
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
NONE
Availability Impact
NONE
CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
AI Score
5.7
Confidence
High
EPSS
0
Percentile
15.5%
IBM WebSphere Application Server 8.5 and 9.0 could provide weaker than expected security for outbound TLS connections caused by a failure to honor user configuration. IBM X-Force ID: 274812.
Affected configurations
Node
ibmwebsphere_application_serverMatch8.5
ORibmwebsphere_application_serverMatch9.0
| Vendor | Product | Version | CPE |
|---|---|---|---|
| ibm | websphere_application_server | 8.5 | cpe:2.3:a:ibm:websphere_application_server:8.5:*:*:*:*:*:*:* |
| ibm | websphere_application_server | 9.0 | cpe:2.3:a:ibm:websphere_application_server:9.0:*:*:*:*:*:*:* |
Related
ibm
ibm
Security Bulletin: IBM WebSphere Application Server could provide weaker than expected security (CVE-2023-50313)
2024-05-21 20:05:05
cve
cve
CVE-2023-50313
2024-04-02 13:15:51
nessus
nessus
IBM WebSphere Application Server 8.5.x < 8.5.5.26 / 9.x < 9.0.5.20 (7145620)
2024-04-02 00:00:00
vulnrichment
vulnrichment
CVE-2023-50313 IBM WebSphere Application Server information disclosure
2024-04-02 12:54:31
cvelist
cvelist
CVE-2023-50313 IBM WebSphere Application Server information disclosure
2024-04-02 12:54:31
CVSS3
6.5
Attack Vector
ADJACENT
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
NONE
Availability Impact
NONE
CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
AI Score
5.7
Confidence
High
EPSS
0
Percentile
15.5%
Related for NVD:CVE-2023-50313