What is the severity of CVE-2023-50314?

CVE-2023-50314 has been classified as a high-severity vulnerability due to its potential for spoofing attacks.

How do I fix CVE-2023-50314?

To fix CVE-2023-50314, users should upgrade to a patched version of IBM WebSphere Application Server Liberty or IBM Voice Gateway.

What products are affected by CVE-2023-50314?

CVE-2023-50314 affects IBM WebSphere Application Server Liberty versions 17.0.0.3 through 24.0.0.8 and several versions of IBM Voice Gateway.

Can CVE-2023-50314 be exploited remotely?

Yes, CVE-2023-50314 can be exploited remotely by an attacker with access to the network.

What type of attack is associated with CVE-2023-50314?

CVE-2023-50314 is associated with spoofing attacks that may allow access to sensitive information.

Vulnerability/
CVE-2023-50314

high

7.5

CWE

295

14/8/2024

9/4/2025

CVE-2023-50314: IBM WebSphere Application Server Libery information disclosure

First published: Wed Aug 14 2024(Updated: )

IBM WebSphere Application Server Liberty 17.0.0.3 through 24.0.0.8 could allow an attacker with access to the network to conduct spoofing attacks. An attacker could exploit this vulnerability using a certificate issued by a trusted authority to obtain sensitive information. IBM X-Force ID: 274713.

Credit: psirt@us.ibm.com

Affected Software	Affected Version	How to fix
IBM WebSphere Application Server Feature Pack for Web Services	>=17.0.0.3<=24.0.0.8
IBM Security Verify Governance - Identity Manager	<=ISVG 10.0.2
IBM Security Verify Governance, Identity Manager Software Stack	<=ISVG 10.0.2
IBM Security Verify Governance, Identity Manager Virtual Appliance	<=ISVG 10.0.2
IBM Security Verify Governance Identity Manager Container	<=ISVG 10.0.2

Never miss a vulnerability like this again

Reference Links

Parent vulnerabilities

(Appears in the following advisories)

IBM-7230443

Frequently Asked Questions

What is the severity of CVE-2023-50314?
CVE-2023-50314 has been classified as a high-severity vulnerability due to its potential for spoofing attacks.
How do I fix CVE-2023-50314?
To fix CVE-2023-50314, users should upgrade to a patched version of IBM WebSphere Application Server Liberty or IBM Voice Gateway.
What products are affected by CVE-2023-50314?
CVE-2023-50314 affects IBM WebSphere Application Server Liberty versions 17.0.0.3 through 24.0.0.8 and several versions of IBM Voice Gateway.
Can CVE-2023-50314 be exploited remotely?
Yes, CVE-2023-50314 can be exploited remotely by an attacker with access to the network.
What type of attack is associated with CVE-2023-50314?
CVE-2023-50314 is associated with spoofing attacks that may allow access to sensitive information.

agent/title
agent/weakness
agent/type
agent/first-publish-date
agent/author
collector/mitre-cve
source/MITRE
agent/severity
agent/trending
agent/source
agent/description
collector/nvd-api
source/NVD
agent/software-canonical-lookup
agent/software-canonical-lookup-request
agent/last-modified-date
agent/references
agent/softwarecombine
agent/tags
agent/event
collector/ibm-support
source/IBM
vendor/ibm
canonical/ibm websphere application server feature pack for web services
version/ibm websphere application server feature pack for web services/17.0.0.3
version/ibm websphere application server feature pack for web services/24.0.0.8
canonical/ibm security verify governance - identity manager
version/ibm security verify governance - identity manager/isvg 10.0.2
canonical/ibm security verify governance, identity manager software stack
version/ibm security verify governance, identity manager software stack/isvg 10.0.2
canonical/ibm security verify governance, identity manager virtual appliance
version/ibm security verify governance, identity manager virtual appliance/isvg 10.0.2
canonical/ibm security verify governance identity manager container
version/ibm security verify governance identity manager container/isvg 10.0.2