CVE-2019-4080Uncontrolled Resource Consumption in IBM Websphere Application Server

CWE-400Uncontrolled Resource Consumption3 documents3 sources
Severity
6.5MEDIUMNVD
EPSS
1.5%
top 18.64%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
1
IBM Websphere Application Server
Timeline
PublishedApr 2
Latest updateMay 13

Description

IBM WebSphere Application Server Admin Console 7.5, 8.0, 8.5, and 9.0 is vulnerable to a potential denial of service, caused by improper parameter parsing. A remote attacker could exploit this to consume all available CPU resources. IBM X-Force ID: 157380.

CVSS vector

CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:HExploitability: 2.8 | Impact: 3.6

Affected Packages2 packages

NVDibm/websphere_application_server7.0.0.07.0.0.45+3
CVEListV5ibm/websphere_application_server4 versions+3

Patches

Patch: www.ibm.comPatch: www.ibm.com

🔴Vulnerability Details

2
GHSA
GHSA-qh6g-qwxc-43vg: IBM WebSphere Application Server Admin Console 72022-05-13
CVEList
CVE-2019-4080: IBM WebSphere Application Server Admin Console 72019-04-02
CVE-2019-4080 — Uncontrolled Resource Consumption | cvebase