News T2 2024 IBM Sterling Partner Engagement Manager is vulnerable to Websphere Liberty DoS

Integration News

IBM Sterling Partner Engagement Manager is vulnerable to Websphere Liberty DoS

Summary

IBM WebSphere Application Server Liberty 22.0.0.13 through 23.0.0.7 is vulnerable to a denial of service, caused by sending a specially-crafted request. IBM Sterling Partner Engagement Manager 6.2.3.1 has included an upgraded version of WebSphere Liberty, which remediates this vulnerability.

 

Vulnerability Details

CVEID: CVE-2023-38737

Description: IBM WebSphere Application Server Liberty 22.0.0.13 through 23.0.0.7 is vulnerable to a denial of service, caused by sending a specially-crafted request. A remote attacker could exploit this vulnerability to cause the server to consume memory resources. IBM X-Force ID: 262567.

CVSS Base score: 5.9
CVSS Temporal Score: Click here.
CVSS Vector:
(CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H)

Affected Products and Versions

Remediation/Fixes

Product

Versions

Remediation/Fix/Instructions

IBM Sterling Partner Engagement Manager Essentials Edition

6.2.3.1, 6.1.2.10, 6.2.0.8

Workarounds and Mitigations

None.

Klicken Sie auf die Schaltfläche unten, um diesen Newsletter im Pdf-Format herunterzuladen.