CVE-2024-45085

Published Oct 15, 2024

Last updated 9 days ago

CVSS high 7.5

Overview

Description: IBM WebSphere Application Server 8.5 is vulnerable to a denial of service, under certain configurations, caused by an unexpected specially crafted request. A remote attacker could exploit this vulnerability to cause an error resulting in a denial of service.
Source: psirt@us.ibm.com
NVD status: Analyzed

Risk scores

CVSS 3.1

Type: Primary
Base score: 7.5
Impact score: 3.6
Exploitability score: 3.9
Vector string: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
Severity: HIGH

Weaknesses

psirt@us.ibm.com: CWE-754

Hype score: Not currently trending

🚨 Alerta de Seguridad: CVE-2024-45085 🚨 IBM WebSphere Application Server 8.5 está en riesgo de un ataque de Denegación de Servicio bajo configuraciones específicas. Un atacante remoto puede enviar solicitudes especialmente diseñadas para explotar esta vulnerabilidad, causando…
@antu_tech
5 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes

Configurations

[
  {
    "nodes": [
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:a:ibm:websphere_application_server:*:*:*:*:traditional:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "1EF360D5-36CB-4297-B072-5C34AC3B8484",
            "versionEndExcluding": "8.5.5.27",
            "versionStartIncluding": "8.5.0.0"
          }
        ],
        "operator": "OR"
      }
    ]
  }
]

Overview

Risk scores

CVSS 3.1

Weaknesses

Social media

Configurations

References