CVE-2023-28523

Опубликовано: 09 дек. 2023

Источник: nvd

CVSS3: 8.4

CVSS3: 7.8

EPSS Низкий

Описание

IBM Informix Dynamic Server 12.10 and 14.10 onsmsync is vulnerable to a heap buffer overflow, caused by improper bounds checking which could allow an attacker to execute arbitrary code. IBM X-Force ID: 250753.

Ссылки

https://exchange.xforce.ibmcloud.com/vulnerabilities/250753
VDB Entry
Vendor Advisory
https://www.ibm.com/support/pages/node/7070188
Vendor Advisory
https://exchange.xforce.ibmcloud.com/vulnerabilities/250753
VDB Entry
Vendor Advisory
https://www.ibm.com/support/pages/node/7070188
Vendor Advisory

Уязвимые конфигурации

Конфигурация 1

Одно из

cpe:2.3:a:ibm:informix_dynamic_server:12.10:-:*:*:-:*:*:*

cpe:2.3:a:ibm:informix_dynamic_server:14.10:*:*:*:*:*:*:*

cpe:2.3:a:ibm:informix_dynamic_server_on_cloud_pak_for_data:*:*:*:*:*:*:*:*

EPSS

Процентиль: 8%

0.00029

Низкий

8.4 High

CVSS3

7.8 High

CVSS3

Дефекты

CWE-122

CWE-787

Связанные уязвимости

GHSA-hg8q-63q2-p669

CVSS3: 8.4

github

около 2 лет назад

EPSS

Процентиль: 8%

0.00029

Низкий

8.4 High

CVSS3

7.8 High

CVSS3

Дефекты

CWE-122

CWE-787