CVE-2023-38264 — Vulnetix

CVE-2023-38264 PUBLISHED

Es besteht eine Schwachstelle in IBM Java SDK. Dieser Fehler besteht in der Komponente Object Request Broker (ORB) aufgrund einer unsachgemäßen Durchsetzung der JEP 290 MaxRef und MaxDepth Deserialisierungsfilter. Ein entfernter, anonymer Angreifer kann diese Schwachstelle ausnutzen, um einen Denial-of-Service-Zustand zu verursachen.

EPSS 0.20% · 41.8th percentile

Risk Scores

EPSS Score

0.20%

41.8th percentile

Affected Products

Vendor	Product	Versions
IBM	IBM TXSeries for multiplatforms
IBM	IBM Rational Build Forge <8.0.0.27
IBM	IBM App Connect Enterprise Professional
IBM	IBM VIOS 3.1
IBM	IBM Security Guardium 12.0
Red Hat	Red Hat Enterprise Linux
IBM	IBM App Connect Enterprise
IBM	IBM Java SDK <8.0.8.25
IBM	IBM AIX 7.2
IBM	IBM AIX 7.3
Red Hat	Red Hat Enterprise Linux 7
IBM	IBM Storage Insights
SUSE	SUSE Linux
IBM	IBM Business Automation Workflow
IBM	IBM Rational Business Developer 9.6
IBM	IBM VIOS 4.1
IBM	IBM InfoSphere Identity Insight
IBM	IBM Tivoli Monitoring for Virtual Environments Base <7.3.7
IBM	IBM Tivoli Netcool/OMNIbus <8.1.0.33
IBM	IBM Java SDK <7.1.5.22

…and 1 more

Timeline

May 10, 2024 CVE Published
May 11, 2024 EPSS Score
Jun 4, 2024 EPSS Score
Jun 29, 2024 EPSS Score
Jul 23, 2024 EPSS Score
Aug 2, 2024 CVE Updated
Aug 16, 2024 EPSS Score
Sep 9, 2024 EPSS Score
Oct 3, 2024 EPSS Score
Oct 27, 2024 EPSS Score
Nov 20, 2024 EPSS Score
Dec 15, 2024 EPSS Score

References

https://wid.cert-bund.de/.well-known/csaf/white/2024/wid-sec-w-2024-1310.json advisory
https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2024-1310 advisory
https://access.redhat.com/errata/RHSA-2024:3685 advisory
https://www.ibm.com/support/pages/node/7145433 advisory
https://www.ibm.com/support/pages/node/7157686 advisory
https://www.ibm.com/support/pages/node/7158591 advisory
https://access.redhat.com/errata/RHSA-2024:4160 advisory
https://www.ibm.com/support/pages/node/7159671 advisory
https://www.ibm.com/support/pages/node/7162077 advisory
https://www.ibm.com/support/pages/node/7162898 advisory
https://lists.opensuse.org/archives/list/security-announce@lists.opensuse.org/message/TIV7ZAF6SC76GAAJ3UF2EMATJZA2OLKX/ advisory
https://www.ibm.com/support/pages/node/7168114 advisory
https://access.redhat.com/errata/RHSA-2024:6595 advisory
https://www.ibm.com/support/pages/node/7172546 advisory
https://www.ibm.com/support/pages/node/7173018 advisory
https://www.ibm.com/support/pages/node/7173737 advisory
https://www.ibm.com/support/pages/node/7174322 advisory
https://www.ibm.com/support/pages/node/7180128 advisory
https://www.ibm.com/support/pages/node/7180383 advisory

Open in Interactive Console →