CVE-2024-27267

CWE-362Race ConditionCWE-3004 documents4 sources
Severity
5.9MEDIUM
EPSS
0.0%
top 94.12%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
1
IBM Java SDK
Timeline
PublishedAug 14

Description

The Object Request Broker (ORB) in IBM SDK, Java Technology Edition 7.1.0.0 through 7.1.5.18 and 8.0.0.0 through 8.0.8.26 is vulnerable to remote denial of service, caused by a race condition in the management of ORB listener threads.

CVSS vector

CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:HExploitability: 2.2 | Impact: 3.6

Affected Packages1 packages

NVDibm/java_sdk7.1.0.07.1.5.18+1

🔴Vulnerability Details

2
GHSA
GHSA-7p73-rpm9-rwr6: The Object Request Broker (ORB) in IBM SDK, Java Technology Edition 72024-08-14
CVEList
IBM SDK, Java Technology Edition denial of service2024-08-14

📋Vendor Advisories

1
Red Hat
ibm-java: Race condition may cause Denial of Service2024-08-14