CVE-2023-32331 — Vulnetix

Try Vulnetix Request Demo

CVE-2023-32331 PUBLISHED CVSS 9.300000190734863 CRITICAL

IBM Connect:Express for UNIX 1.5.0 is vulnerable to a buffer overflow that could allow a remote attacker to cause a denial of service through its browser UI. IBM X-Force ID: 254979.

EPSS 0.09% · 25.1th percentile

Risk Scores

CVSS v4.0

9.300000190734863

CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N

EPSS Score

0.09%

25.1th percentile

Affected Products

Vendor	Product	Versions
IBM	Sterling Connect:Express for UNIX	1.5.0
ibm	sterling_connect\	express_for_unix, express_for_unix

Timeline

Jul 13, 2023 CVE Published
Mar 5, 2024 EPSS Score
Mar 31, 2024 EPSS Score
Apr 26, 2024 EPSS Score
May 21, 2024 EPSS Score
Jun 17, 2024 EPSS Score
Jul 13, 2024 EPSS Score
Aug 2, 2024 CVE Updated
Aug 8, 2024 EPSS Score
Sep 3, 2024 EPSS Score
Sep 28, 2024 EPSS Score
Oct 24, 2024 EPSS Score

References

https://www.ibm.com/support/pages/node/7011443 vendor-advisory
https://exchange.xforce.ibmcloud.com/vulnerabilities/254979 vdb
https://nvd.nist.gov/vuln/detail/CVE-2023-32331 advisory
https://www.ibm.com/support/pages/node/7011409 advisory
https://www.ibm.com/support/pages/node/7010557 advisory

Open in Interactive Console →