Описание
IBM WebSphere Application Server 9.0 and WebSphere Application Server Liberty 17.0.0.3 through 25.0.0.7 are vulnerable to a denial of service, caused by a stack-based overflow. An attacker can send a specially crafted request that cause the server to consume excessive memory resources.
Ссылки
- Vendor Advisory
Уязвимые конфигурации
Конфигурация 1Версия от 9.0.0.0 (включая) до 9.0.5.24 (исключая)Версия от 17.0.0.3 (включая) до 25.0.0.8 (исключая)
Одно из
cpe:2.3:a:ibm:websphere_application_server:*:*:*:*:-:*:*:*
cpe:2.3:a:ibm:websphere_application_server:*:*:*:*:liberty:*:*:*
EPSS
Процентиль: 22%
0.00071
Низкий
7.5 High
CVSS3
Дефекты
CWE-121
Связанные уязвимости
CVSS3: 7.5
github
7 месяцев назад
IBM WebSphere Application Server 9.0 and WebSphere Application Server Liberty 17.0.0.3 through 25.0.0.7 are vulnerable to a denial of service, caused by a stack-based overflow. An attacker can send a specially crafted request that cause the server to consume excessive memory resources.
EPSS
Процентиль: 22%
0.00071
Низкий
7.5 High
CVSS3
Дефекты
CWE-121