IBM Safer Payments denial of service
CVE-2023-27556

6.5MEDIUM

Key Information:

Vendor: IBM
Status: Safer Payments
Vendor: CVE Published:; 28 April 2023

Summary

IBM Counter Fraud Management for Safer Payments versions 6.1.0.00 through 6.5.0.00 are impacted by a vulnerability that insufficiently manages resource allocation. This oversight can allow a remote attacker to exploit the system, potentially leading to a denial of service condition. Proper implementations of resource limits and throttling mechanisms are essential to mitigate this vulnerability and safeguard against disruptions in service.

Affected Version(s)

Safer Payments 6.1.0.00, 6.2.0.00, 6.5.0.00

Safer Payments 6.3.0.00 <= 6.3.1.03

Safer Payments 6.4.0.00 <= 6.4.2.02

References

https://www.ibm.com/support/pages/node/6985601

vendor-advisory

https://exchange.xforce.ibmcloud.com/vulnerabilities/249190

vdb-entry

CVSS V3.1

Score:

6.5

Severity:

MEDIUM

Confidentiality:

None

Integrity:

None

Availability:

None

Attack Vector:

Adjacent Network

Attack Complexity:

Low

Privileges Required:

None

User Interaction:

None

Scope:

Unchanged

Timeline

Vulnerability published
Apr 28, 2023
Vulnerability Reserved
Mar 2, 2023