CVE-2023-50312

Description

IBM WebSphere Application Server Liberty 17.0.0.3 through 24.0.0.2 could provide weaker than expected security for outbound TLS connections caused by a failure to honor user configuration. IBM X-Force ID: 274711.

CVSS breakdown

CVSS 3.1

Attack Vector

Adjacent

Attack Complexity

High

Privileges Required

None

User Interaction

None

Scope

Unchanged

Confidentiality

High

Integrity

None

Availability

None

Affected products

ibm / websphere_application_server___liberty17.0.0.3 – 24.0.0.2

References

MISChttps://www.ibm.com/support/pages/node/7125527
MISChttps://exchange.xforce.ibmcloud.com/vulnerabilities/274711