CVE-2023-6129 — Vulnetix

CVE-2023-6129 PUBLISHED CVSS 8.699999809265137 HIGH

In IBM Rational Build Forge existieren mehrere Schwachstellen. Diese bestehen in verschiedenen Komponenten von Drittanbietern, u.a. Oracle Java SE, Apache HTTP Server, OpenSSL und Apache Tomcat. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Programmcode auszuführen, einen Cross-Site-Scripting-Angriff durchzuführen, Informationen offenzulegen, Dateien zu manipulieren oder einen Denial of Service Zustand herbeizuführen. Zur Ausnutzung einiger dieser Schwachstellen ist eine Nutzeraktion oder bestimmte Berechtigungen erforderlich.

EPSS 3.33% · 87.5th percentile

Risk Scores

CVSS 4.0

8.699999809265137

CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N

EPSS Score

3.33%

87.5th percentile

Affected Products

Vendor	Product	Versions
Oracle	Oracle MySQL <=8.0.34
Oracle	Oracle MySQL <=7.5.33
tribe29	Checkmk Checkmk <2.2.0p24
Oracle	Oracle MySQL 8.4.1
Broadcom	Broadcom Fabric OS <9.2.0c
Red Hat	Red Hat OpenShift for Windows Containers <10.15.3
Open Source	Open Source OpenSSL 3.2.0
Oracle	Oracle MySQL <=7.5.34
IBM	IBM AIX 7.2
Oracle	Oracle Financial Services Applications 8.0.8.0
Oracle	Oracle Financial Services Applications 8.1.2.7
Open Source	Open Source OpenSSL <3.0.13
Red Hat	Red Hat OpenShift
Open Source	Open Source OpenSSL 3.0.0-3.0.12
Amazon	Amazon Linux 2
Oracle	Oracle Financial Services Applications 14.4.0.0.0
Oracle	Oracle Financial Services Applications 8.1.2.7.3
Dell	Dell NetWorker <19.12.0.1
IBM	IBM App Connect Enterprise 12.0.1.0-12.0.11.1
Fedora	Fedora Linux

…and 97 more

Exploit Intelligence

https://www.cisa.gov/known-exploited-vulnerabilities-catalog (certbund)
TestCommand.yaml (github-poc)
TestCommand.yaml (github-poc)
TestCommand.yaml (github-poc)
TestCommand.yaml (github-poc)
TestCommand.yaml (github-poc)
TestCommand.yaml (github-poc)
TestCommand.yaml (github-poc)
TestCommand.yaml (github-poc)
TestCommand.yaml (github-poc)

…and 1 more exploits

Timeline

Jan 9, 2024 CVE Published
Jan 17, 2024 EPSS Score
Feb 14, 2024 EPSS Score
Feb 16, 2024 CVE Updated
Apr 10, 2024 EPSS Score
May 8, 2024 EPSS Score
Jun 5, 2024 EPSS Score
Jul 31, 2024 EPSS Score
Aug 28, 2024 EPSS Score
Sep 25, 2024 EPSS Score
Oct 5, 2024 Coalition ESS Score
Oct 17, 2024 Coalition ESS Score

References

…and 140 more

Open in Interactive Console →