CVE-2023-27556 MEDIUM

CVE-2023-27556: IBM Safer Payments denial of service

Vendor Ibm

Product Safer Payments

Weakness CWE-770 · Uncontrolled resource consumption

Published April 28, 2023

Last update January 30, 2025

View on NVD All CVEs

CVSS base score

6.5/10

Attack vector Adjacent

Attack complexity Low

Privileges required None

User interaction None

Confidentiality None

Integrity None

CVSS vector

CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

What the vulnerability does

01Description

IBM Counter Fraud Management for Safer Payments 6.1.0.00, 6.2.0.00, 6.3.0.00 through 6.3.1.03, 6.4.0.00 through 6.4.2.02 and 6.5.0.00 does not properly allocate resources without limits or throttling which could allow a remote attacker to cause a denial of service. IBM X-Force ID: 249190.

Key dates

02Disclosure timeline

April 28, 2023 CVE published

January 30, 2025 Record updated

External resources

03References

NVD — National Vulnerability Database https://nvd.nist.gov/vuln/detail/CVE-2023-27556 CWE — Common Weakness Enumeration https://cwe.mitre.org/data/definitions/770.html

Related vulnerabilities

Identifiers

CVE CVE-2023-27556

CWE CWE-770

CVSS 6.5 / MEDIUM

Affected versions

Vendor Ibm

Product Safer Payments

Affected 6.1.0.00, 6.2.0.00, 6.5.0.00

Vendor Ibm

Product Safer Payments

Affected ≥ 6.3.0.00 and ≤ 6.3.1.03

Vendor Ibm

Product Safer Payments

Affected ≥ 6.4.0.00 and ≤ 6.4.2.02

CVE-2023-27556: IBM Safer Payments denial of service

01Description

02Disclosure timeline

03References

04Related CVE