CVE-2023-25927

IBM Security Verify Access 10.0.0, 10.0.1, 10.0.2, 10.0.3, 10.0.4, and 10.0.5 could allow an attacker to crash the webseald process using specially crafted HTTP requests resulting in loss of access to the system.  IBM X-Force ID:  247635.
ProviderTypeBase ScoreAtk. VectorAtk. ComplexityPriv. RequiredVector
NISTNIST
6.5 MEDIUM
NETWORK
LOW
LOW
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
ibmCNA
6.5 MEDIUM
NETWORK
LOW
LOW
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
CVEADP
---
---
CISA-ADPADP
---
---
Base Score
CVSS 3.x
EPSS Score
Percentile: 15%
VendorProductVersion
ibmsecurity_verify_access
10.0.0
ibmsecurity_verify_access
10.0.1
ibmsecurity_verify_access
10.0.2
ibmsecurity_verify_access
10.0.3
ibmsecurity_verify_access
10.0.4
ibmsecurity_verify_access
10.0.5
𝑥
= Vulnerable software versions
Common Weakness Enumeration
References
https://exchange.xforce.ibmcloud.com/vulnerabilities/247635
https://https://www.ibm.com/support/pages/node/6989653
https://www.ibm.com/support/pages/node/6989653?_ga=2.22490043.1644592052.1684753176-785517468.1677620719
https://exchange.xforce.ibmcloud.com/vulnerabilities/247635
https://https://www.ibm.com/support/pages/node/6989653