Security Bulletin: IBM WebSphere Application Server Liberty, which is bundled with IBM WebSphere Hybrid Edition, is vulnerable to a denial of service due to GraphQL Java (CVE-2023-28867)

Main / Security Bulletin: IBM WebSphere Application Server Liberty, which is bundled with IBM WebSphere Hybrid Edition, is vulnerable to a denial of service due to GraphQL Java (CVE-2023-28867)

Discription

## Summary

IBM WebSphere Application Server Liberty, which is bundled with IBM WebSphere Hybrid Edition, is vulnerable to a denial of service due to GraphQL Java (CVE-2023-28867)

## Vulnerability Details

Refer to the security bulletin(s) listed in the Remediation/Fixes section

## Affected Products and Versions

Affected Product(s) and Version(s)| Affecting Product(s) and Version(s)
—|—

IBM WebSphere Hybrid Edition

* 5.1
|

BM WebSphere Application Server Liberty

* 17.0.0.3 – 23.0.0.5

## Remediation/Fixes

IBM strongly recommends addressing the vulnerability now by applying a currently available interim fix or fix pack that contains the APAR PH54373, as described in [Security Bulletin: IBM WebSphere Application Server Liberty is vulnerable to a denial of service due to GraphQL Java (CVE-2023-28867)]().

## Workarounds and Mitigations

None

##Read More

References

Back to Main

Subscribe for the latest news: