CVE-2023-35895

CVSS 3.1 Score 6.3 of 10 (medium)

Details

Published Dec 20, 2023
Updated: Dec 28, 2023
CWE ID 78
CWE ID 74

Summary

CVE-2023-35895 is a vulnerability affecting IBM Informix JDBC Driver versions 4.10 and 4.50. It allows for remote code execution attacks through JNDI injection when an unchecked argument is passed to a specific API. The vulnerability has a base severity of MEDIUM with a CVSS score of 6.3. The risk score associated with this vulnerability is 65, indicating its potential danger to organizations. The affected products include t9y8Yc and t9y8Yb. To remediate this vulnerability, it is recommended to update the IBM Informix JDBC Driver to a patched version provided by IBM.

Explore Beyond the CVE Basics with Recorded Future's Vulnerability Intelligence

Note: This is just a basic overview providing quick insights into CVE-2023-35895 information. Gain full access to comprehensive CVE data, risk scores, prioritization, and mitigation data through Recorded Future's Vulnerability Intelligence:
  • Prioritize with Risk-Based Scoring
  • Explore the Extensive Vulnerability Database
  • Receive Early Alerts on Emerging CVEs
  • Focus on Critical Exploitable Vulnerabilities
  • Streamline Remediation with Integration Options