nvd-json-data-feeds/CVE-2024/CVE-2024-450xx/CVE-2024-45085.json

{
  "id": "CVE-2024-45085",
  "sourceIdentifier": "psirt@us.ibm.com",
  "published": "2024-10-15T22:15:03.773",
  "lastModified": "2024-11-08T15:13:11.307",
  "vulnStatus": "Analyzed",
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "IBM WebSphere Application Server 8.5 is vulnerable to a denial of service, under certain configurations, caused by an unexpected specially crafted request. A remote attacker could exploit this vulnerability to cause an error resulting in a denial of service."
    },
    {
      "lang": "es",
      "value": "IBM WebSphere Application Server 8.5 es vulnerable a una denegaci\u00f3n de servicio, en determinadas configuraciones, provocada por una solicitud inesperada especialmente manipulada. Un atacante remoto podr\u00eda aprovechar esta vulnerabilidad para provocar un error que d\u00e9 como resultado una denegaci\u00f3n de servicio."
    }
  ],
  "metrics": {
    "cvssMetricV31": [
      {
        "source": "psirt@us.ibm.com",
        "type": "Secondary",
        "cvssData": {
          "version": "3.1",
          "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H",
          "baseScore": 5.9,
          "baseSeverity": "MEDIUM",
          "attackVector": "NETWORK",
          "attackComplexity": "HIGH",
          "privilegesRequired": "NONE",
          "userInteraction": "NONE",
          "scope": "UNCHANGED",
          "confidentialityImpact": "NONE",
          "integrityImpact": "NONE",
          "availabilityImpact": "HIGH"
        },
        "exploitabilityScore": 2.2,
        "impactScore": 3.6
      },
      {
        "source": "nvd@nist.gov",
        "type": "Primary",
        "cvssData": {
          "version": "3.1",
          "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
          "baseScore": 7.5,
          "baseSeverity": "HIGH",
          "attackVector": "NETWORK",
          "attackComplexity": "LOW",
          "privilegesRequired": "NONE",
          "userInteraction": "NONE",
          "scope": "UNCHANGED",
          "confidentialityImpact": "NONE",
          "integrityImpact": "NONE",
          "availabilityImpact": "HIGH"
        },
        "exploitabilityScore": 3.9,
        "impactScore": 3.6
      }
    ]
  },
  "weaknesses": [
    {
      "source": "psirt@us.ibm.com",
      "type": "Primary",
      "description": [
        {
          "lang": "en",
          "value": "CWE-754"
        }
      ]
    }
  ],
  "configurations": [
    {
      "nodes": [
        {
          "operator": "OR",
          "negate": false,
          "cpeMatch": [
            {
              "vulnerable": true,
              "criteria": "cpe:2.3:a:ibm:websphere_application_server:*:*:*:*:traditional:*:*:*",
              "versionStartIncluding": "8.5.0.0",
              "versionEndExcluding": "8.5.5.27",
              "matchCriteriaId": "1EF360D5-36CB-4297-B072-5C34AC3B8484"
            }
          ]
        }
      ]
    }
  ],
  "references": [
    {
      "url": "https://www.ibm.com/support/pages/node/7173128",
      "source": "psirt@us.ibm.com",
      "tags": [
        "Vendor Advisory"
      ]
    }
  ]
}
Auto-Update: 2024-10-15T23:55:16.727596+00:00 2024-10-15 23:58:16 +00:00			`{`
			`"id": "CVE-2024-45085",`
			`"sourceIdentifier": "psirt@us.ibm.com",`
			`"published": "2024-10-15T22:15:03.773",`
Auto-Update: 2024-11-08T17:00:26.454342+00:00 2024-11-08 17:03:28 +00:00			`"lastModified": "2024-11-08T15:13:11.307",`
			`"vulnStatus": "Analyzed",`
Auto-Update: 2024-10-15T23:55:16.727596+00:00 2024-10-15 23:58:16 +00:00			`"cveTags": [],`
			`"descriptions": [`
			`{`
			`"lang": "en",`
			`"value": "IBM WebSphere Application Server 8.5 is vulnerable to a denial of service, under certain configurations, caused by an unexpected specially crafted request. A remote attacker could exploit this vulnerability to cause an error resulting in a denial of service."`
Auto-Update: 2024-10-16T18:00:22.349552+00:00 2024-10-16 18:03:24 +00:00			`},`
			`{`
			`"lang": "es",`
			`"value": "IBM WebSphere Application Server 8.5 es vulnerable a una denegaci\u00f3n de servicio, en determinadas configuraciones, provocada por una solicitud inesperada especialmente manipulada. Un atacante remoto podr\u00eda aprovechar esta vulnerabilidad para provocar un error que d\u00e9 como resultado una denegaci\u00f3n de servicio."`
Auto-Update: 2024-10-15T23:55:16.727596+00:00 2024-10-15 23:58:16 +00:00			`}`
			`],`
			`"metrics": {`
			`"cvssMetricV31": [`
			`{`
Auto-Update: 2024-12-08T03:00:18.988682+00:00 2024-12-08 03:06:42 +00:00			`"source": "psirt@us.ibm.com",`
			`"type": "Secondary",`
Auto-Update: 2024-11-08T17:00:26.454342+00:00 2024-11-08 17:03:28 +00:00			`"cvssData": {`
			`"version": "3.1",`
Auto-Update: 2024-12-08T03:00:18.988682+00:00 2024-12-08 03:06:42 +00:00			`"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H",`
			`"baseScore": 5.9,`
			`"baseSeverity": "MEDIUM",`
Auto-Update: 2024-11-08T17:00:26.454342+00:00 2024-11-08 17:03:28 +00:00			`"attackVector": "NETWORK",`
Auto-Update: 2024-12-08T03:00:18.988682+00:00 2024-12-08 03:06:42 +00:00			`"attackComplexity": "HIGH",`
Auto-Update: 2024-11-08T17:00:26.454342+00:00 2024-11-08 17:03:28 +00:00			`"privilegesRequired": "NONE",`
			`"userInteraction": "NONE",`
			`"scope": "UNCHANGED",`
			`"confidentialityImpact": "NONE",`
			`"integrityImpact": "NONE",`
Auto-Update: 2024-12-08T03:00:18.988682+00:00 2024-12-08 03:06:42 +00:00			`"availabilityImpact": "HIGH"`
Auto-Update: 2024-11-08T17:00:26.454342+00:00 2024-11-08 17:03:28 +00:00			`},`
Auto-Update: 2024-12-08T03:00:18.988682+00:00 2024-12-08 03:06:42 +00:00			`"exploitabilityScore": 2.2,`
Auto-Update: 2024-11-08T17:00:26.454342+00:00 2024-11-08 17:03:28 +00:00			`"impactScore": 3.6`
			`},`
			`{`
Auto-Update: 2024-12-08T03:00:18.988682+00:00 2024-12-08 03:06:42 +00:00			`"source": "nvd@nist.gov",`
			`"type": "Primary",`
Auto-Update: 2024-10-15T23:55:16.727596+00:00 2024-10-15 23:58:16 +00:00			`"cvssData": {`
			`"version": "3.1",`
Auto-Update: 2024-12-08T03:00:18.988682+00:00 2024-12-08 03:06:42 +00:00			`"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",`
			`"baseScore": 7.5,`
			`"baseSeverity": "HIGH",`
Auto-Update: 2024-10-15T23:55:16.727596+00:00 2024-10-15 23:58:16 +00:00			`"attackVector": "NETWORK",`
Auto-Update: 2024-12-08T03:00:18.988682+00:00 2024-12-08 03:06:42 +00:00			`"attackComplexity": "LOW",`
Auto-Update: 2024-10-15T23:55:16.727596+00:00 2024-10-15 23:58:16 +00:00			`"privilegesRequired": "NONE",`
			`"userInteraction": "NONE",`
			`"scope": "UNCHANGED",`
			`"confidentialityImpact": "NONE",`
			`"integrityImpact": "NONE",`
Auto-Update: 2024-12-08T03:00:18.988682+00:00 2024-12-08 03:06:42 +00:00			`"availabilityImpact": "HIGH"`
Auto-Update: 2024-10-15T23:55:16.727596+00:00 2024-10-15 23:58:16 +00:00			`},`
Auto-Update: 2024-12-08T03:00:18.988682+00:00 2024-12-08 03:06:42 +00:00			`"exploitabilityScore": 3.9,`
Auto-Update: 2024-10-15T23:55:16.727596+00:00 2024-10-15 23:58:16 +00:00			`"impactScore": 3.6`
			`}`
			`]`
			`},`
			`"weaknesses": [`
			`{`
			`"source": "psirt@us.ibm.com",`
			`"type": "Primary",`
			`"description": [`
			`{`
			`"lang": "en",`
			`"value": "CWE-754"`
			`}`
			`]`
			`}`
			`],`
Auto-Update: 2024-11-08T17:00:26.454342+00:00 2024-11-08 17:03:28 +00:00			`"configurations": [`
			`{`
			`"nodes": [`
			`{`
			`"operator": "OR",`
			`"negate": false,`
			`"cpeMatch": [`
			`{`
			`"vulnerable": true,`
			`"criteria": "cpe:2.3:a:ibm:websphere_application_server:::::traditional:::*",`
			`"versionStartIncluding": "8.5.0.0",`
			`"versionEndExcluding": "8.5.5.27",`
			`"matchCriteriaId": "1EF360D5-36CB-4297-B072-5C34AC3B8484"`
			`}`
			`]`
			`}`
			`]`
			`}`
			`],`
Auto-Update: 2024-10-15T23:55:16.727596+00:00 2024-10-15 23:58:16 +00:00			`"references": [`
			`{`
			`"url": "https://www.ibm.com/support/pages/node/7173128",`
Auto-Update: 2024-11-08T17:00:26.454342+00:00 2024-11-08 17:03:28 +00:00			`"source": "psirt@us.ibm.com",`
			`"tags": [`
			`"Vendor Advisory"`
			`]`
Auto-Update: 2024-10-15T23:55:16.727596+00:00 2024-10-15 23:58:16 +00:00			`}`
			`]`
			`}`