CVE-2023-24971

Name of the Vulnerable Software and Affected Versions IBM B2B Advanced Communications version 1.0.0.0 IBM Multi-Enterprise Integration Gateway version 1.0.0.1

Description The issue allows a user to cause a denial of service due to the deserializing of untrusted serialized Java objects.

Recommendations For IBM B2B Advanced Communications version 1.0.0.0, consider disabling the deserialization of untrusted Java objects as a temporary workaround until a patch is available. For IBM Multi-Enterprise Integration Gateway version 1.0.0.1, restrict access to the component responsible for deserializing Java objects to minimize the risk of exploitation. At the moment, there is no information about a newer version that contains a fix for this vulnerability.