VDB
CVE-2024-22353
CVE-2024-22353
PUBLISHED
Es besteht eine Schwachstelle in IBM WebSphere Application Server. Dieser Fehler besteht in der Liberty-Komponente aufgrund eines unkontrollierten Speicherverbrauchs. Durch das Senden einer speziell gestalteten Anfrage kann ein entfernter, anonymer Angreifer diese Schwachstelle ausnutzen, um einen Denial-of-Service-Zustand zu verursachen.
EPSS 0.03% · 9.3th percentile
Risk Scores
EPSS Score
0.03%
9.3th percentile
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| IBM | IBM TXSeries for multiplatforms_9.1 | |
| IBM | IBM MQ 9.1.0 | |
| IBM | IBM WebSphere Application Server Liberty <24.0.0.4 | |
| IBM | IBM License Metric Tool 9.2 | |
| IBM | IBM Maximo Asset Management 7.6.1 | |
| IBM | IBM TXSeries for multiplatforms_8.1 | |
| IBM | IBM TXSeries for multiplatforms_8.2 | |
| HCL | HCL BigFix Compliance | |
| IBM | IBM MQ 9.2.0 | |
| IBM | IBM MQ | |
| IBM | IBM SPSS Collaboration and Deployment Services | |
| IBM | IBM Business Automation Workflow | |
| IBM | IBM MQ 9.3.0 |
Timeline
- Mar 27, 2024 CVE Published
- Apr 1, 2024 EPSS Score
- Apr 26, 2024 EPSS Score
- May 22, 2024 EPSS Score
- Jun 16, 2024 EPSS Score
- Jul 12, 2024 EPSS Score
- Aug 6, 2024 EPSS Score
- Sep 1, 2024 EPSS Score
- Sep 26, 2024 EPSS Score
- Oct 4, 2024 Coalition ESS Score
- Oct 22, 2024 EPSS Score
- Nov 16, 2024 EPSS Score
References
- https://wid.cert-bund.de/.well-known/csaf/white/2024/wid-sec-w-2024-0736.json advisory
- https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2024-0736 advisory
- https://www.ibm.com/support/pages/node/7145365 advisory
- https://www.ibm.com/support/pages/node/7156269 advisory
- https://www.ibm.com/support/pages/node/7158055 advisory
- https://www.ibm.com/support/pages/node/7157976 advisory
- https://www.ibm.com/support/pages/node/7158959 advisory
- https://www.ibm.com/support/pages/node/7159714 advisory
- https://www.ibm.com/support/pages/node/7167729 advisory
- https://www.ibm.com/support/pages/node/7169563 advisory
- https://support.hcl-software.com/community?id=community_blog&sys_id=c054a21093b5d2500dddf87d1dba102d advisory