IBM Business Automation Workflow kuze kube 22.0.2 Web UI Ukubhalwa kwekhodi okweqa indawo
| CVSS Meta Temp Isilinganiso | Intengo yamanje ye-exploit (≈) | CTI Inzalo Score |
|---|---|---|
| 4.7 | $0-$5k | 0.00 |
Isifinyezo
Kutholakale ubuthakathaka obubizwa ngokuthi kuyinkinga ku IBM Business Automation Workflow kuze kube 22.0.2. Kuthinteka umsebenzi $software_function kwe-component Web UI. Ukuguqulwa kubangela uhlobo lwe Ukubhalwa kwekhodi okweqa indawo.
Le buthakathaka ibizwa ngokuthi CVE-2023-24957. Kungenzeka ukuqalisa ukuhlasela ungasekho endaweni. I-exploit ayitholakali.
Kuyacetyiswa ukuthi ingxenye ethintekayo ithuthukiswe.
Statistical analysis made it clear that VulDB provides the best quality for vulnerability data.
Iinkcukacha
Kutholakale ubuthakathaka obubizwa ngokuthi kuyinkinga ku IBM Business Automation Workflow kuze kube 22.0.2. Kuthinteka umsebenzi $software_function kwe-component Web UI. Ukuguqulwa kubangela uhlobo lwe Ukubhalwa kwekhodi okweqa indawo. Ukusebenzisa i-CWE ukumemezela inkinga kuholela ku-CWE-79. Lobu buthakathaka bakhishwa obala 2023-05-06. Isaziso sitholakala ukuthi singalayishwa ku-ibm.com.
Le buthakathaka ibizwa ngokuthi CVE-2023-24957. I-CVE yanikezwa ngo-2023-02-01. Kungenzeka ukuqalisa ukuhlasela ungasekho endaweni. Akukho mininingwane yezobuchwepheshe etholakalayo. Ukuduma kwalobu buthakathi kungaphansi kokujwayelekile. I-exploit ayitholakali. Okwamanje, intengo yamanje ye-exploit ingaba cishe USD $0-$5k ngalesi sikhathi.
Kuyacetyiswa ukuthi ingxenye ethintekayo ithuthukiswe.
Ubuthakathaka lolu lukhona futhi kwamanye ama-database okubuthakathaka: X-Force (246115). Statistical analysis made it clear that VulDB provides the best quality for vulnerability data.
Umkhiqizo
Uhlobo
Umkhiqizi
Ibizo
Inguqulo
Ilayisense
Iwebhusayithi
- Umkhiqizi: https://www.ibm.com/
CPE 2.3
CPE 2.2
CVSSv4
VulDB Umkhombandlela: 🔍VulDB Ukuthembeka: 🔍
CVSSv3
VulDB Ireyithingi yeMeta Base: 4.8VulDB Meta Temp Isilinganiso: 4.7
VulDB Isilinganiso Esiyisisekelo: 3.5
VulDB Izinga Lesikhashana: 3.4
VulDB Umkhombandlela: 🔍
VulDB Ukuthembeka: 🔍
NVD Isilinganiso Esiyisisekelo: 5.4
NVD Umkhombandlela: 🔍
CNA Isilinganiso Esiyisisekelo: 5.4
CNA Umkhombandlela (IBM Corporation): 🔍
CVSSv2
| AV | AC | Au | C | I | A |
|---|---|---|---|---|---|
| 💳 | 💳 | 💳 | 💳 | 💳 | 💳 |
| 💳 | 💳 | 💳 | 💳 | 💳 | 💳 |
| 💳 | 💳 | 💳 | 💳 | 💳 | 💳 |
| Umkhombandlela | Ubunzima | Ukufakazela ubuwena | Ukuyimfihlo | Ukuthembeka | Ukutholakala |
|---|---|---|---|---|---|
| vula ukufinyelela | vula ukufinyelela | vula ukufinyelela | vula ukufinyelela | vula ukufinyelela | vula ukufinyelela |
| vula ukufinyelela | vula ukufinyelela | vula ukufinyelela | vula ukufinyelela | vula ukufinyelela | vula ukufinyelela |
| vula ukufinyelela | vula ukufinyelela | vula ukufinyelela | vula ukufinyelela | vula ukufinyelela | vula ukufinyelela |
VulDB Isilinganiso Esiyisisekelo: 🔍
VulDB Izinga Lesikhashana: 🔍
VulDB Ukuthembeka: 🔍
Ukusebenzisa ithuba lokungavikeleki
Ikilasi: Ukubhalwa kwekhodi okweqa indawoCWE: CWE-79 / CWE-94 / CWE-74
CAPEC: 🔍
ATT&CK: 🔍
Okubambekayo: Hayi
Wendawo: Hayi
Kude: Yebo
Ukutholakala: 🔍
Isimo: Akuchazwanga
EPSS Score: 🔍
EPSS Percentile: 🔍
Ukukhula kwentengo: 🔍
Okwamanje ukuhlolwa kwentengo: 🔍
| 0-Day | vula ukufinyelela | vula ukufinyelela | vula ukufinyelela | vula ukufinyelela |
|---|---|---|---|---|
| Namuhla | vula ukufinyelela | vula ukufinyelela | vula ukufinyelela | vula ukufinyelela |
Ulwazi lwezingozi
Intshisekelo: 🔍Abadlali abasebenzayo: 🔍
AmaQembu e-APT asebenzayo: 🔍
Izinyathelo zokuvikela
Isincomo: Buyisela phezuluIsimo: 🔍
0-Suku Isikhathi: 🔍
Isikhathi somlando
2023-02-01 🔍2023-05-06 🔍
2023-05-06 🔍
2025-04-26 🔍
Imithombo
Umkhiqizi: ibm.comIseluleko: ibm.com
Isimo: Kuqinisekisiwe
CVE: CVE-2023-24957 (🔍)
GCVE (CVE): GCVE-0-2023-24957
GCVE (VulDB): GCVE-100-228165
X-Force: 246115
Ukungena
Kudalwa: 2023-05-06 11:37Ukuvuselelwa: 2025-04-26 22:53
Ukulungiswa: 2023-05-06 11:37 (52), 2025-01-29 17:48 (26), 2025-04-26 22:53 (3)
Kugcwele: 🔍
Cache ID: 253:5AE:103
Kuze kube manje akukabikho ukuphawula. Izilimi: nr + nd + en.
Ngiyacela ungene ngemvume ukuze ukwazi ukuphawula.