CVE-2023-23477

IBM WebSphere Application Server 8.5 and 9.0 traditional could allow a remote attacker to execute arbitrary code on the system with a specially crafted sequence of serialized objects. IBM X-Force ID: 245513.

Published: Feb 3, 2023
Updated: Nov 8, 2023
CVE: CVE-2023-23477
Severity: Critical
Exploit:

CVSS v3:

Severity: Critical
Score: 9.8
AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

CWEs:

CWE-94

Affected Software
References

Software	From	Fixed in
ibm / websphere_application_server	8.5	8.5.x
ibm / websphere_application_server	9.0	9.0.x

https://exchange.xforce.ibmcloud.com/vulnerabilities/245513
https://www.ibm.com/support/pages/node/6891111

Vulnerability Database

289,599

CVE-2023-23477