CVE-2023-38741

Published: Aug 14, 2023Modified: Nov 21, 2024

7.5

Vector

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

Exploitability: 3.9 / Impact: 3.6

Source: NVD

Description

IBM TXSeries for Multiplatforms 8.1, 8.2, and 9.1 is vulnerable to a denial of service, caused by improper enforcement of the timeout on individual read operations. By conducting a slowloris-type attacks, a remote attacker could exploit this vulnerability to cause a denial of service. IBM X-Force ID: 262905.

Affected (3)

Products: Ibm: Txseries For Multiplatform

1 product

Txseries For Multiplatform

Configuration A

2 vulnerable

Vulnerable Software	Affected Versions
Ibm Txseries For Multiplatform	Version 8.1
Ibm Txseries For Multiplatform	Version 9.1

Configuration B

1 vulnerable · 4 platform

Vulnerable Software	Affected Versions
Ibm Txseries For Multiplatform	Version 8.2

Running on/with	Platform Versions
Hp Hp Ux	All versions
Ibm Aix	All versions
Linux Linux Kernel	All versions
Microsoft Windows	All versions

Related CWEs

Uncontrolled Resource Consumption

The product does not properly control the allocation and maintenance of a limited resource, thereby enabling an actor to influence the amount of resources consumed, eventually leading to the exhaustion of available resources.

References (4)

https://exchange.xforce.ibmcloud.com/vulnerabilities/262905

Source: psirt@us.ibm.com

VDB EntryVendor Advisory

https://www.ibm.com/support/pages/node/7025476

Source: psirt@us.ibm.com

Vendor Advisory

https://exchange.xforce.ibmcloud.com/vulnerabilities/262905

Source: af854a3a-2127-422b-91ae-364da2661108

VDB EntryVendor Advisory

https://www.ibm.com/support/pages/node/7025476

Source: af854a3a-2127-422b-91ae-364da2661108

Vendor Advisory

Timeline

No history available yet.