PT-2023-6906 · IBM · IBM WebSphere Application Server Liberty

Published: 2023-08-15 · Updated: 2023-08-23 · CVE-2023-38737

CVSS v3.1: 7.5 (High)

Vector: AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

Name of the Vulnerable Software and Affected Versions

IBM WebSphere Application Server Liberty versions 22.0.0.13 through 23.0.0.7

Description

The issue is related to an uncontrolled consumption of resources. A remote attacker could exploit this to cause a denial of service by sending a specially-crafted request, leading to the server consuming memory resources.

Recommendations

For IBM WebSphere Application Server Liberty versions 22.0.0.13 through 23.0.0.7, update to a version that contains a fix for this issue. At the moment, there is no information about a newer version that contains a fix for this vulnerability. As a temporary workaround, consider restricting access to the server to minimize the risk of exploitation.

DoS

Resource Exhaustion

RCE

Weakness Enumeration

Related Identifiers

BDU:2023-07924
CVE-2023-38737

Affected Products

IBM WebSphere Application Server Liberty