CVE-2023-28523

CVSS 3.1 Score 7.8 of 10 (high)

Details

Published Dec 9, 2023
Updated: Dec 12, 2023
CWE ID 787
CWE ID 122

Summary

CVE-2023-28523 is a critical vulnerability affecting IBM Informix Dynamic Server 12.10 and 14.10. The onsmsync component is found to have a heap buffer overflow issue due to insufficient bounds checking. This flaw can be exploited by an attacker to execute arbitrary code and potentially gain unauthorized system access. IBM's X-Force has assigned the ID 250753 to this vulnerability.

Ligh bulbPrevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.

Share

Affected Products

  • IBM Informix Dynamic Server

Affected Vendors

  • IBM Corporation