CVE-2023-3628 — Vulnetix

CVE-2023-3628 PUBLISHED CVSS 8.699999809265137 HIGH

Es bestehen mehrere Schwachstellen in Red Hat JBoss Data Grid. Diese Fehler bestehen in den Komponenten jackson-databind, netty, infinispan und apache-mina-sshd. Ein Angreifer kann diese Schwachstellen ausnutzen, um einen Denial-of-Service-Zustand zu verursachen oder vertrauliche Informationen offenzulegen.

EPSS 0.09% · 25.4th percentile

Risk Scores

CVSS 4.0

8.699999809265137

CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N

EPSS Score

0.09%

25.4th percentile

Affected Products

Vendor	Product	Versions
Red Hat	Red Hat JBoss Enterprise Application Platform <8.0.1
Red Hat	Red Hat Integration Camel Extensions for Quarkus 1
Red Hat	Red Hat Integration Service Registry 1
IBM	IBM Security Verify Access 10.0.0.0-10.0.6.1
Red Hat	Red Hat Enterprise Linux
Red Hat	Red Hat Integration Camel K 1
Red Hat	Red Hat JBoss A-MQ Clients 3
Hitachi	Hitachi Ops Center
NetApp	NetApp ActiveIQ Unified Manager

Exploit Intelligence

https://security.netapp.com/advisory/ntap-20240125-0004/ (circl)
RHSA-2023:5396 (circl)
https://access.redhat.com/security/cve/CVE-2023-3628 (circl)
RHBZ#2217924 (circl)

Timeline

Sep 28, 2023 CVE Published
Dec 19, 2023 EPSS Score
Jan 17, 2024 EPSS Score
Feb 15, 2024 EPSS Score
Mar 15, 2024 EPSS Score
Apr 13, 2024 EPSS Score
May 12, 2024 EPSS Score
Jun 10, 2024 EPSS Score
Jul 9, 2024 EPSS Score
Aug 8, 2024 EPSS Score
Sep 6, 2024 EPSS Score
Oct 5, 2024 EPSS Score

References

https://wid.cert-bund.de/.well-known/csaf/white/2023/wid-sec-w-2023-2518.json advisory
https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2023-2518 advisory
https://security.netapp.com/advisory/ntap-20240125-0004/ advisory
https://access.redhat.com/errata/RHSA-2024:0148 advisory
https://access.redhat.com/errata/RHSA-2024:1192 advisory
https://access.redhat.com/errata/RHSA-2024:1193 advisory
https://access.redhat.com/errata/RHSA-2024:1194 advisory
https://www.ibm.com/support/pages/node/7108821 advisory
https://access.redhat.com/errata/RHSA-2023:5396 advisory
https://github.com/FasterXML/jackson-databind/issues/3972 advisory
https://access.redhat.com/errata/RHSA-2023:5484 advisory
https://access.redhat.com/errata/RHSA-2023:5488 advisory
https://access.redhat.com/errata/RHSA-2023:5486 advisory
https://access.redhat.com/errata/RHSA-2023:5485 advisory
https://access.redhat.com/errata/RHSA-2023:5946 advisory
https://access.redhat.com/errata/RHSA-2023:7641 advisory
https://access.redhat.com/errata/RHSA-2023:7637 advisory
https://access.redhat.com/errata/RHSA-2023:7638 advisory
https://access.redhat.com/errata/RHSA-2023:7639 advisory
https://access.redhat.com/errata/RHSA-2023:7653 advisory

…and 3 more

Open in Interactive Console →