CVE-2023-35890

IBM WebSphere Application Server 8.5 and 9.0 could provide weaker than expected security, caused by the improper encoding in a local configuration file. IBM X-Force ID: 258637.

Published: Jul 7, 2023
Updated: Jul 13, 2023
CVE: CVE-2023-35890
Severity: Medium
Exploit:

CVSS v3:

Severity: Medium
Score: 5.5
AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N

CWEs:

CWE-327

OWASP TOP 10:

A3 - Sensitive Data Exposure

Affected Software
References

Software	From	Fixed in
ibm / websphere_application_server	9.0.5.16	9.0.5.16.x
ibm / websphere_application_server	9.0.5.15	9.0.5.15.x
ibm / websphere_application_server	8.5.5.23	8.5.5.23.x

https://https://www.ibm.com/support/pages/node/7007857
https://www.ibm.com/support/pages/node/7007857

Vulnerability Database

289,599

CVE-2023-35890