VDB
CVE-2023-23477
CVE-2023-23477
PUBLISHED
Es existiert eine Schwachstelle in IBM WebSphere Application Server. Es besteht eine Verwundbarkeit gegenüber einem Angriff mit einer Sequenz mit speziell angefertigten serialisierten Objekten. Ein entfernter, anonymer Angreifer kann diese Schwachstelle ausnutzen, um beliebigen Programmcode auszuführen.
EPSS 0.18% · 38.8th percentile
Risk Scores
EPSS Score
0.18%
38.8th percentile
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| IBM | IBM Rational ClearCase 10.0.0 | |
| IBM | IBM Security Identity Manager | |
| IBM | IBM Rational ClearCase 9.0.2 | |
| IBM | IBM Maximo Asset Management 7.6.1 | |
| IBM | IBM WebSphere Application Server 8.5 | |
| IBM | IBM Business Automation Workflow | |
| IBM | IBM Security Access Manager for Enterprise Single Sign-On 8.2.2 | |
| IBM | IBM Rational ClearCase 9.1 | |
| IBM | IBM Tivoli Key Lifecycle Manager | |
| IBM | IBM Security Access Manager for Enterprise Single Sign-On 8.2.0 | |
| IBM | IBM WebSphere Application Server 9.0 | |
| IBM | IBM Security Access Manager for Enterprise Single Sign-On 8.2.1 | |
| IBM | IBM Tivoli Netcool/OMNIbus | |
| IBM | IBM WebSphere Service Registry and Repository |
Exploit Intelligence
- CVE-2017-17485:Jackson-databind RCE (github-poc)
- CVE-2017-17485:Jackson-databind RCE (github-poc)
- CVE-2017-17485:Jackson-databind RCE (github-poc)
- CVE-2017-17485:Jackson-databind RCE (github-poc)
- CVE-2017-17485:Jackson-databind RCE (github-poc)
- CVE-2017-17485:Jackson-databind RCE (github-poc)
- cve-2017-17485 PoC (github-poc)
- cve-2017-17485 PoC (github-poc)
- cve-2017-17485 PoC (github-poc)
- cve-2017-17485 PoC (github-poc)
…and 544 more exploits
Timeline
- Apr 22, 2022 PoC Published
- Jan 31, 2023 CVE Published
- Feb 4, 2023 EPSS Score
- Mar 7, 2023 EPSS Score
- Mar 16, 2023 EPSS Score
- Apr 25, 2023 EPSS Score
- Jun 4, 2023 EPSS Score
- Jun 5, 2023 CVE Updated
- Jun 9, 2023 PoC Published
- Jul 15, 2023 PoC Published
- Aug 23, 2023 EPSS Score
- Oct 2, 2023 EPSS Score
References
- https://wid.cert-bund.de/.well-known/csaf/white/2023/wid-sec-w-2023-0237.json advisory
- https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2023-0237 advisory
- https://support.hcltechsw.com/csm?id=kb_article&sysparm_article=KB0104902 advisory
- https://www.ibm.com/support/pages/node/6965702 advisory
- https://www.ibm.com/support/pages/node/6958458 advisory
- https://www.ibm.com/support/pages/node/6958675 advisory
- https://www.ibm.com/support/pages/node/6891111 advisory
- https://www.ibm.com/support/pages/node/6891159 advisory
- https://www.ibm.com/support/pages/node/6953483 advisory
- https://www.ibm.com/support/pages/node/6953461 advisory
- https://www.ibm.com/support/pages/node/6953497 advisory
- https://www.ibm.com/support/pages/node/6954723 advisory
- https://www.ibm.com/support/pages/node/6955547 advisory