Lucene search
K

4 matches found

IBM Security Bulletins
IBM Security Bulletins
added 2025/03/14 1:33 p.m.11 views

Security Bulletin: DataStage on Cloud Pak for Data is vulnerable to arbitrary code execution due to redisson-3.17.7 (CVE-2023-42809)

Summary redisson is used by DataStage on Cloud Pak for Data as part of the Redis Java client. Vulnerability Details CVEID:CVE-2023-42809 DESCRIPTION: Redisson could allow a remote attacker to execute arbitrary code on the system, caused by an unsafe deserialization flaw. By persuading a victim to...

9.6CVSS7.6AI score0.01036EPSS
Exploits1Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2024/10/02 4:30 p.m.14 views

Security Bulletin: IBM Cloud Pak for Network Automation 2.7.6 addresses multiple security vulnerabilities

Summary IBM Cloud Pak for Network Automation 2.7.6 addresses multiple security vulnerabilities, listed in the CVEs below. Vulnerability Details CVEID:CVE-2023-42809 DESCRIPTION: Redisson could allow a remote attacker to execute arbitrary code on the system, caused by an unsafe deserialization fla...

9.6CVSS7.7AI score0.01036EPSS
Exploits1Affected Software1
RedhatCVE
RedhatCVE
added 2024/08/06 9:48 a.m.33 views

CVE-2023-42809

Deserialization of untrusted data vulnerability was found in Redisson, as some messages received from the Redis server contain Java objects that the client deserializes without further validation. This flaw allows attackers who manage to trick clients into communicating with a malicious server to...

8.8CVSS7.5AI score0.01036EPSS
Exploits1References6
CVE
CVE
added 2023/10/04 7:18 p.m.98 views

CVE-2023-42809

CVE-2023-42809 affects the Redisson Java Redis client (Netty). Before version 3.22.0, responses from a malicious Redis server could contain crafted Java objects that are deserialized by the client without sufficient validation, enabling arbitrary code execution and potential full system compromis...

9.6CVSS9.4AI score0.01036EPSS
Exploits1References2Affected Software1
Rows per page
Query Builder