{"dataType":"CVE_RECORD","dataVersion":"5.2","cveMetadata":{"cveId":"CVE-2023-25927","assignerOrgId":"9a959283-ebb5-44b6-b705-dcc2bbced522","state":"PUBLISHED","assignerShortName":"ibm","dateReserved":"2023-02-16T16:39:45.212Z","datePublished":"2023-05-12T17:38:51.966Z","dateUpdated":"2025-11-03T21:47:28.686Z"},"containers":{"cna":{"affected":[{"defaultStatus":"unaffected","product":"Security Verify Access","vendor":"IBM","versions":[{"status":"affected","version":"10.0.0, 10.0.1, 10.0.2, 10.0.3, 10.0.4, 10.0.5"}]}],"descriptions":[{"lang":"en","supportingMedia":[{"base64":false,"type":"text/html","value":"IBM Security Verify Access 10.0.0, 10.0.1, 10.0.2, 10.0.3, 10.0.4, and 10.0.5 could allow an attacker to crash the webseald process using specially crafted HTTP requests resulting in loss of access to the system.  IBM X-Force ID:  247635."}],"value":"IBM Security Verify Access 10.0.0, 10.0.1, 10.0.2, 10.0.3, 10.0.4, and 10.0.5 could allow an attacker to crash the webseald process using specially crafted HTTP requests resulting in loss of access to the system.  IBM X-Force ID:  247635."}],"metrics":[{"cvssV3_1":{"attackComplexity":"LOW","attackVector":"NETWORK","availabilityImpact":"HIGH","baseScore":6.5,"baseSeverity":"MEDIUM","confidentialityImpact":"NONE","integrityImpact":"NONE","privilegesRequired":"LOW","scope":"UNCHANGED","userInteraction":"NONE","vectorString":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H","version":"3.1"},"format":"CVSS","scenarios":[{"lang":"en","value":"GENERAL"}]}],"problemTypes":[{"descriptions":[{"cweId":"CWE-20","description":"CWE-20 Improper Input Validation","lang":"en","type":"CWE"}]}],"providerMetadata":{"orgId":"9a959283-ebb5-44b6-b705-dcc2bbced522","shortName":"ibm","dateUpdated":"2023-05-12T17:38:51.966Z"},"references":[{"tags":["vendor-advisory"],"url":"https://https://www.ibm.com/support/pages/node/6989653"},{"tags":["vdb-entry"],"url":"https://exchange.xforce.ibmcloud.com/vulnerabilities/247635"}],"source":{"discovery":"UNKNOWN"},"title":"IBM Security Verify Access denial of service","x_generator":{"engine":"Vulnogram 0.1.0-dev"}},"adp":[{"title":"CVE Program Container","references":[{"tags":["vendor-advisory","x_transferred"],"url":"https://https://www.ibm.com/support/pages/node/6989653"},{"tags":["vdb-entry","x_transferred"],"url":"https://exchange.xforce.ibmcloud.com/vulnerabilities/247635"},{"url":"http://seclists.org/fulldisclosure/2024/Nov/1"},{"url":"http://seclists.org/fulldisclosure/2024/Nov/0"}],"providerMetadata":{"orgId":"af854a3a-2127-422b-91ae-364da2661108","shortName":"CVE","dateUpdated":"2025-11-03T21:47:28.686Z"}},{"metrics":[{"other":{"type":"ssvc","content":{"timestamp":"2025-01-23T20:34:37.200739Z","id":"CVE-2023-25927","options":[{"Exploitation":"none"},{"Automatable":"no"},{"Technical Impact":"partial"}],"role":"CISA Coordinator","version":"2.0.3"}}}],"title":"CISA ADP Vulnrichment","providerMetadata":{"orgId":"134c704f-9b21-4f2e-91b3-4a467353bcc0","shortName":"CISA-ADP","dateUpdated":"2025-01-23T20:35:20.324Z"}}]}}