Keystrokes of Over Billion Chinese Keyboard App Users Exposed Due to Critical Security Vulnerabilities
April 26, 2024ICS: Multiple Hitachi Energy RTU500 Series and MACH SCM Vulnerabilities
April 26, 2024Keystrokes of Over Billion Chinese Keyboard App Users Exposed Due to Critical Security Vulnerabilities
April 26, 2024ICS: Multiple Hitachi Energy RTU500 Series and MACH SCM Vulnerabilities
April 26, 2024Severity
Medium
Analysis Summary
CVE-2024-25026
IBM WebSphere Application Server 8.5, 9.0 and IBM WebSphere Application Server Liberty 17.0.0.3 through 24.0.0.4 are vulnerable to a denial of service, caused by sending a specially crafted request. A remote attacker could exploit this vulnerability to cause the server to consume memory resources.
Impact
- Denial of Service
Indicators of Compromise
CVE
- CVE-2024-25026
Affected Vendors
Affected Products
- IBM WebSphere Application Server 8.5
- IBM WebSphere Application Server 9.0
- IBM WebSphere Application Server Liberty 17.0.0.3
- IBM WebSphere Application Server Liberty 24.0.0.4
Remediation
Refer to IBM Security Advisory for patch, upgrade or suggested workaround information.