CVE-2023-27554 — Vulnetix

Try Vulnetix Request Demo

CVE-2023-27554 PUBLISHED

Es existiert eine Schwachstelle in IBM WebSphere Application Server. Der Fehler besteht aufgrund eines XML External Entity Injection (XXE)-Angriffs bei der Verarbeitung von XML-Daten. Ein entfernter, authentisierter Angreifer kann diese Schwachstelle ausnutzen, um Sicherheitsmaßnahmen zu umgehen und um Speicherressourcen zu verbrauchen. Eine erfolgreiche Ausnutzung erfordert eine Benutzerinteraktion.

EPSS 0.01% · 2.0th percentile

Risk Scores

EPSS Score

0.01%

2.0th percentile

Affected Products

Vendor	Product	Versions
IBM	IBM Tivoli Monitoring 6.3.0.7
IBM	IBM Business Automation Workflow 19.0.0.3
IBM	IBM Maximo Asset Management 7.6.1
IBM	IBM Security Access Manager for Enterprise Single Sign-On 8.2.2
HCL	HCL Commerce
HCL	HCL Commerce <9.1.13
IBM	IBM WebSphere Service Registry and Repository 8.5.x
IBM	IBM Tivoli Netcool/OMNIbus 8.1.0
IBM	IBM WebSphere Service Registry and Repository 8.0.x
IBM	IBM Business Automation Workflow 22.0.1
IBM	IBM Business Automation Workflow 20.0.0.2
IBM	IBM Business Automation Workflow 20.0.0.1
IBM	IBM Rational ClearQuest
IBM	IBM Rational ClearCase
IBM	IBM Business Automation Workflow 22.0.2
IBM	IBM Business Automation Workflow 21.0.2
IBM	IBM Business Automation Workflow 19.0.0.2
HCL	HCL Commerce <9.0.1.21
IBM	IBM WebSphere Application Server 8.5
IBM	IBM Business Automation Workflow 19.0.0.1

…and 7 more

Timeline

May 10, 2023 CVE Published
May 12, 2023 EPSS Score
Jun 17, 2023 EPSS Score
Jul 23, 2023 EPSS Score
Aug 28, 2023 EPSS Score
Oct 3, 2023 EPSS Score
Nov 9, 2023 EPSS Score
Dec 15, 2023 EPSS Score
Jan 20, 2024 EPSS Score
Feb 25, 2024 EPSS Score
Apr 1, 2024 EPSS Score
May 7, 2024 EPSS Score

References

https://wid.cert-bund.de/.well-known/csaf/white/2023/wid-sec-w-2023-1197.json advisory
https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2023-1197 advisory
https://www.ibm.com/support/pages/node/6989451 advisory
https://www.ibm.com/support/pages/node/6989657 advisory
https://www.ibm.com/support/pages/node/6991281 advisory
https://www.ibm.com/support/pages/node/6994793 advisory
https://www.ibm.com/support/pages/node/6995531 advisory
https://www.ibm.com/support/pages/node/6997097 advisory
https://www.ibm.com/support/pages/node/6999547 advisory
https://www.ibm.com/support/pages/node/6999299 advisory
https://www.ibm.com/support/pages/node/7004187 advisory
https://www.ibm.com/support/pages/node/7027925 advisory
https://support.hcltechsw.com/community?id=community_blog&sys_id=72d68adf1bf5c29c574121f7ec4bcbdb advisory
https://support.hcltechsw.com/csm?id=kb_article&sysparm_article=KB0112204 advisory

Open in Interactive Console →