VDB
CVE-2023-26116
CVE-2023-26116
PUBLISHED
CVSS 8.699999809265137 HIGH
In HCL BigFix existieren mehrere Schwachstellen. Diese sind auf Fehler in den Komponenten "angular" sowie "jsonwebtoken" zurückzuführen. Ein entfernter, anonymer oder authentisierter Angreifer kann diese Schwachstellen ausnutzen, um einen Denial of Service Zustand herbeizuführen oder Sicherheitsvorkehrungen zu umgehen.
EPSS 0.32% · 55.1th percentile
Risk Scores
CVSS v4.0
8.699999809265137
CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
EPSS Score
0.32%
55.1th percentile
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| IBM | IBM MQ 9.0 | |
| IBM | IBM MQ 9.2 | |
| Fedora | Fedora Linux | |
| IBM | IBM Business Automation Workflow | |
| IBM | IBM Tivoli Business Service Manager 6.2.0 | |
| IBM | IBM MQ 9.1 | |
| HCL | HCL BigFix |
Timeline
- Mar 30, 2023 CVE Published
- Mar 30, 2023 EPSS Score
- Mar 30, 2023 PoC Published
- May 7, 2023 EPSS Score
- Jun 14, 2023 EPSS Score
- Aug 29, 2023 EPSS Score
- Oct 7, 2023 EPSS Score
- Nov 14, 2023 EPSS Score
- Dec 22, 2023 EPSS Score
- Jan 29, 2024 EPSS Score
- Apr 14, 2024 EPSS Score
- May 22, 2024 EPSS Score
References
- https://wid.cert-bund.de/.well-known/csaf/white/2024/wid-sec-w-2024-0967.json advisory
- https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2024-0967 advisory
- https://www.ibm.com/support/pages/node/7013499 advisory
- https://www.ibm.com/support/pages/node/7156277 advisory
- https://wid.cert-bund.de/.well-known/csaf/white/2023/wid-sec-w-2023-1208.json advisory
- https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2023-1208 advisory
- https://bodhi.fedoraproject.org/updates/FEDORA-2023-035866b576 advisory
- https://www.ibm.com/support/pages/node/7030667 advisory
- https://www.ibm.com/support/pages/node/7023212 advisory
- https://support.hcltechsw.com/csm?id=kb_article&sysparm_article=KB0104732 advisory