First published: Wed Aug 14 2024(Updated: )
IBM WebSphere Application Server Liberty 17.0.0.3 through 24.0.0.8 could allow an attacker with access to the network to conduct spoofing attacks. An attacker could exploit this vulnerability using a certificate issued by a trusted authority to obtain sensitive information. IBM X-Force ID: 274713.
Credit: psirt@us.ibm.com
Affected Software | Affected Version | How to fix |
---|---|---|
IBM WebSphere Application Server Feature Pack for Web Services | >=17.0.0.3<=24.0.0.8 | |
IBM Security Verify Governance - Identity Manager | <=ISVG 10.0.2 | |
IBM Security Verify Governance, Identity Manager Software Stack | <=ISVG 10.0.2 | |
IBM Security Verify Governance, Identity Manager Virtual Appliance | <=ISVG 10.0.2 | |
IBM Security Verify Governance Identity Manager Container | <=ISVG 10.0.2 |
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
CVE-2023-50314 has been classified as a high-severity vulnerability due to its potential for spoofing attacks.
To fix CVE-2023-50314, users should upgrade to a patched version of IBM WebSphere Application Server Liberty or IBM Voice Gateway.
CVE-2023-50314 affects IBM WebSphere Application Server Liberty versions 17.0.0.3 through 24.0.0.8 and several versions of IBM Voice Gateway.
Yes, CVE-2023-50314 can be exploited remotely by an attacker with access to the network.
CVE-2023-50314 is associated with spoofing attacks that may allow access to sensitive information.