Lucene search
HistoryAug 14, 2024 - 5:15 p.m.
CVE-2023-50315
ibm
websphere
application server
spoofing
vulnerability
x-force
certificate
trusted authority
sensitive information
CVSS3
5.9
Attack Vector
NETWORK
Attack Complexity
HIGH
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
NONE
Availability Impact
NONE
CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N
EPSS
0.001
Percentile
37.8%
IBM WebSphere Application Server 8.5 and 9.0 could allow an attacker with access to the network to conduct spoofing attacks. An attacker could exploit this vulnerability using a certificate issued by a trusted authority to obtain sensitive information. IBM X-Force ID: 274714.
Affected configurations
Node
ibmwebsphere_application_serverMatch8.5.0.0
ORibmwebsphere_application_serverMatch9.0.0.0
| Vendor | Product | Version | CPE |
|---|---|---|---|
| ibm | websphere_application_server | 8.5.0.0 | cpe:2.3:a:ibm:websphere_application_server:8.5.0.0:*:*:*:*:*:*:* |
| ibm | websphere_application_server | 9.0.0.0 | cpe:2.3:a:ibm:websphere_application_server:9.0.0.0:*:*:*:*:*:*:* |
Related
cve
cve
CVE-2023-50315
2024-08-14 17:15:14
ibm
ibm
Security Bulletin: The IBM® Engineering Lifecycle Engineering products using IBM WebSphere Application Server is vulnerable to information disclosure (CVE-2023-50315)
2024-08-30 08:04:22
nessus
nessus
vulnrichment
vulnrichment
CVE-2023-50315 IBM WebSphere Application Server information disclosure
2024-08-14 17:04:49
cvelist
cvelist
CVE-2023-50315 IBM WebSphere Application Server information disclosure
2024-08-14 17:04:49
CVSS3
5.9
Attack Vector
NETWORK
Attack Complexity
HIGH
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
NONE
Availability Impact
NONE
CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N
EPSS
0.001
Percentile
37.8%
Related for NVD:CVE-2023-50315