CVE-2024-27268

Description

IBM WebSphere Application Server Liberty 18.0.0.2 through 24.0.0.4 is vulnerable to a denial of service, caused by sending a specially crafted request. A remote attacker could exploit this vulnerability to cause the server to consume memory resources. IBM X-Force ID: 284574.

CVSS breakdown

CVSS 3.1

Attack Vector

Network

Attack Complexity

High

Privileges Required

None

User Interaction

None

Scope

Unchanged

Confidentiality

None

Integrity

None

Availability

High

Affected products

ibm / websphere_application_server___liberty18.0.0.2 – 24.0.0.4

References

MISChttps://www.ibm.com/support/pages/node/7145809
MISChttps://exchange.xforce.ibmcloud.com/vulnerabilities/284574
MISChttps://www.kb.cert.org/vuls/id/421644