First published: Mon Apr 01 2024(Updated: )
IBM WebSphere Application Server 8.5 and 9.0 could provide weaker than expected security for outbound TLS connections caused by a failure to honor user configuration. IBM X-Force ID: 274812.
Credit: psirt@us.ibm.com
Affected Software | Affected Version | How to fix |
---|---|---|
IBM WebSphere Application Server Feature Pack for Web Services | =8.5 | |
IBM WebSphere Application Server Feature Pack for Web Services | =9.0 | |
IBM WebSphere Application Server Feature Pack for Web Services | <=9.0 | |
IBM WebSphere Application Server Feature Pack for Web Services | <=8.5 |
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
CVE-2023-50313 has a medium severity rating due to potential weaknesses in outbound TLS connections.
To fix CVE-2023-50313, ensure that your IBM WebSphere Application Server configurations are set correctly to honor the desired security settings.
CVE-2023-50313 affects IBM WebSphere Application Server versions 8.5 and 9.0.
CVE-2023-50313 poses a security risk by potentially allowing weaker TLS configurations for outbound connections.
Yes, IBM has released guidance on how to mitigate the issues related to CVE-2023-50313.