Lucene search

[email protected]NVD:CVE-2023-46158

HistoryOct 25, 2023 - 6:17 p.m.

CVE-2023-46158

2023-10-2518:17:37

CWE-613

[email protected]

web.nvd.nist.gov

ibm

websphere

liberty

security

vulnerability

resource expiration

x-force id

CVSS3

9.8

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

AI Score

6.9

Confidence

High

EPSS

0.001

Percentile

37.9%

JSON

IBM WebSphere Application Server Liberty 23.0.0.9 through 23.0.0.10 could provide weaker than expected security due to improper resource expiration handling. IBM X-Force ID: 268775.

Affected configurations

Nvd

Node

ibmwebsphere_application_server_libertyRange23.0.0.9–23.0.0.11

VendorProductVersionCPE
ibmwebsphere_application_server_liberty*cpe:2.3:a:ibm:websphere_application_server_liberty:*:*:*:*:*:*:*:*

Vendor	Product	Version	CPE
ibm	websphere_application_server_liberty	*	cpe:2.3:a:ibm:websphere_application_server_liberty::::::::

References

exchange.xforce.ibmcloud.com/vulnerabilities/268775

www.ibm.com/support/pages/node/7058356

CVSS3

9.8

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

AI Score

6.9

Confidence

High

EPSS

0.001

Percentile

37.9%

JSON

Related for NVD:CVE-2023-46158

ibm43 prion1 vulnrichment1 nessus1 cve1 cnvd1 cvelist1