Search

Find a vulnerability

Search criteria

    8 vulnerabilities found for safer_payments by ibm

    CVE-2024-45662 (GCVE-0-2024-45662)

    Vulnerability from nvd – Published: 2025-01-18 16:19 – Updated: 2025-01-21 20:43
    VLAI
    Title
    IBM Safer Payments denial of service
    Summary
    IBM Safer Payments 6.4.0.00 through 6.4.2.07, 6.5.0.00 through 6.5.0.05, and 6.6.0.00 through 6.6.0.03 could allow a remote attacker to cause a denial of service due to improper allocation of resources.
    SSVC
    Exploitation: none Automatable: yes Technical Impact: partial
    CISA Coordinator (v2.0.3)
    CWE
    • CWE-770 - Allocation of Resources Without Limits or Throttling
    Assigner
    ibm
    References
    Impacted products
    Vendor Product Version
    IBM Safer Payments Affected: 6.4.0.00 , ≤ 6.4.2.07 (semver)
    Affected: 6.5.0.00 , ≤ 6.5.0.05 (semver)
    Affected: 6.6.0.00 , ≤ 6.6.0.03 (semver)
        cpe:2.3:a:ibm:safer_payments:6.4.0.00:*:*:*:*:*:*:*
        cpe:2.3:a:ibm:safer_payments:6.4.2.07:*:*:*:*:*:*:*
        cpe:2.3:a:ibm:safer_payments:6.5.0.00:*:*:*:*:*:*:*
        cpe:2.3:a:ibm:safer_payments:6.5.0.05:*:*:*:*:*:*:*
        cpe:2.3:a:ibm:safer_payments:6.6.0.00:*:*:*:*:*:*:*
        cpe:2.3:a:ibm:safer_payments:6.6.0.03:*:*:*:*:*:*:*
    Create a notification for this product.
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "metrics": [
              {
                "other": {
                  "content": {
                    "id": "CVE-2024-45662",
                    "options": [
                      {
                        "Exploitation": "none"
                      },
                      {
                        "Automatable": "yes"
                      },
                      {
                        "Technical Impact": "partial"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2025-01-21T20:43:13.066247Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2025-01-21T20:43:58.480Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          }
        ],
        "cna": {
          "affected": [
            {
              "cpes": [
                "cpe:2.3:a:ibm:safer_payments:6.4.0.00:*:*:*:*:*:*:*",
                "cpe:2.3:a:ibm:safer_payments:6.4.2.07:*:*:*:*:*:*:*",
                "cpe:2.3:a:ibm:safer_payments:6.5.0.00:*:*:*:*:*:*:*",
                "cpe:2.3:a:ibm:safer_payments:6.5.0.05:*:*:*:*:*:*:*",
                "cpe:2.3:a:ibm:safer_payments:6.6.0.00:*:*:*:*:*:*:*",
                "cpe:2.3:a:ibm:safer_payments:6.6.0.03:*:*:*:*:*:*:*"
              ],
              "defaultStatus": "unaffected",
              "product": "Safer Payments",
              "vendor": "IBM",
              "versions": [
                {
                  "lessThanOrEqual": "6.4.2.07",
                  "status": "affected",
                  "version": "6.4.0.00",
                  "versionType": "semver"
                },
                {
                  "lessThanOrEqual": "6.5.0.05",
                  "status": "affected",
                  "version": "6.5.0.00",
                  "versionType": "semver"
                },
                {
                  "lessThanOrEqual": "6.6.0.03",
                  "status": "affected",
                  "version": "6.6.0.00",
                  "versionType": "semver"
                }
              ]
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "supportingMedia": [
                {
                  "base64": false,
                  "type": "text/html",
                  "value": "IBM Safer Payments\u0026nbsp;6.4.0.00 through 6.4.2.07, 6.5.0.00 through 6.5.0.05, and 6.6.0.00 through 6.6.0.03 could allow a remote attacker to cause a denial of service due to improper allocation of resources."
                }
              ],
              "value": "IBM Safer Payments\u00a06.4.0.00 through 6.4.2.07, 6.5.0.00 through 6.5.0.05, and 6.6.0.00 through 6.6.0.03 could allow a remote attacker to cause a denial of service due to improper allocation of resources."
            }
          ],
          "metrics": [
            {
              "cvssV3_1": {
                "attackComplexity": "LOW",
                "attackVector": "NETWORK",
                "availabilityImpact": "HIGH",
                "baseScore": 7.5,
                "baseSeverity": "HIGH",
                "confidentialityImpact": "NONE",
                "integrityImpact": "NONE",
                "privilegesRequired": "NONE",
                "scope": "UNCHANGED",
                "userInteraction": "NONE",
                "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
                "version": "3.1"
              },
              "format": "CVSS",
              "scenarios": [
                {
                  "lang": "en",
                  "value": "GENERAL"
                }
              ]
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-770",
                  "description": "CWE-770 Allocation of Resources Without Limits or Throttling",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2025-01-18T16:19:46.770Z",
            "orgId": "9a959283-ebb5-44b6-b705-dcc2bbced522",
            "shortName": "ibm"
          },
          "references": [
            {
              "tags": [
                "vendor-advisory"
              ],
              "url": "https://www.ibm.com/support/pages/node/7173765"
            }
          ],
          "source": {
            "discovery": "UNKNOWN"
          },
          "title": "IBM Safer Payments denial of service",
          "x_generator": {
            "engine": "Vulnogram 0.2.0"
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "9a959283-ebb5-44b6-b705-dcc2bbced522",
        "assignerShortName": "ibm",
        "cveId": "CVE-2024-45662",
        "datePublished": "2025-01-18T16:19:46.770Z",
        "dateReserved": "2024-09-03T13:50:34.380Z",
        "dateUpdated": "2025-01-21T20:43:58.480Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2023-27557 (GCVE-0-2023-27557)

    Vulnerability from nvd – Published: 2023-04-28 01:35 – Updated: 2025-01-30 19:33
    VLAI
    Title
    IBM Safter Payments information disclosure
    Summary
    IBM Counter Fraud Management for Safer Payments 6.1.0.00 through 6.1.1.02, 6.2.0.00 through 6.2.2.02, 6.3.0.00 through 6.3.1.02, 6.4.0.00 through 6.4.2.01, and 6.5.0.00 uses weaker than expected cryptographic algorithms that could allow an attacker to decrypt highly sensitive information. IBM X-Force ID: 249192.
    SSVC
    Exploitation: none Automatable: no Technical Impact: partial
    CISA Coordinator (v2.0.3)
    CWE
    • CWE-327 - Use of a Broken or Risky Cryptographic Algorithm
    Assigner
    ibm
    Impacted products
    Vendor Product Version
    IBM Safer Payments Affected: 6.1.0.00 , ≤ 6.1.1.02 (semver)
    Affected: 6.2.0.00 , ≤ 6.2.2.02 (semver)
    Affected: 6.3.0.00 , ≤ 6.3.1.02 (semver)
    Affected: 6.4.0.00 , ≤ 6.4.2.01 (semver)
    Affected: 6.5.0.00
    Create a notification for this product.
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-02T12:16:35.577Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "tags": [
                  "vendor-advisory",
                  "x_transferred"
                ],
                "url": "https://www.ibm.com/support/pages/node/6985603"
              },
              {
                "tags": [
                  "vdb-entry",
                  "x_transferred"
                ],
                "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/249192"
              }
            ],
            "title": "CVE Program Container"
          },
          {
            "metrics": [
              {
                "other": {
                  "content": {
                    "id": "CVE-2023-27557",
                    "options": [
                      {
                        "Exploitation": "none"
                      },
                      {
                        "Automatable": "no"
                      },
                      {
                        "Technical Impact": "partial"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2025-01-30T19:33:00.398789Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2025-01-30T19:33:04.499Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          }
        ],
        "cna": {
          "affected": [
            {
              "defaultStatus": "unaffected",
              "product": "Safer Payments",
              "vendor": "IBM",
              "versions": [
                {
                  "lessThanOrEqual": "6.1.1.02",
                  "status": "affected",
                  "version": "6.1.0.00",
                  "versionType": "semver"
                },
                {
                  "lessThanOrEqual": "6.2.2.02",
                  "status": "affected",
                  "version": "6.2.0.00",
                  "versionType": "semver"
                },
                {
                  "lessThanOrEqual": "6.3.1.02",
                  "status": "affected",
                  "version": "6.3.0.00",
                  "versionType": "semver"
                },
                {
                  "lessThanOrEqual": "6.4.2.01",
                  "status": "affected",
                  "version": "6.4.0.00",
                  "versionType": "semver"
                },
                {
                  "status": "affected",
                  "version": "6.5.0.00"
                }
              ]
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "supportingMedia": [
                {
                  "base64": false,
                  "type": "text/html",
                  "value": "IBM Counter Fraud Management for Safer Payments 6.1.0.00 through 6.1.1.02, 6.2.0.00 through 6.2.2.02, 6.3.0.00 through 6.3.1.02, 6.4.0.00 through 6.4.2.01, and 6.5.0.00 uses weaker than expected cryptographic algorithms that could allow an attacker to decrypt highly sensitive information.  IBM X-Force ID:  249192."
                }
              ],
              "value": "IBM Counter Fraud Management for Safer Payments 6.1.0.00 through 6.1.1.02, 6.2.0.00 through 6.2.2.02, 6.3.0.00 through 6.3.1.02, 6.4.0.00 through 6.4.2.01, and 6.5.0.00 uses weaker than expected cryptographic algorithms that could allow an attacker to decrypt highly sensitive information.  IBM X-Force ID:  249192."
            }
          ],
          "metrics": [
            {
              "cvssV3_1": {
                "attackComplexity": "HIGH",
                "attackVector": "NETWORK",
                "availabilityImpact": "NONE",
                "baseScore": 5.9,
                "baseSeverity": "MEDIUM",
                "confidentialityImpact": "HIGH",
                "integrityImpact": "NONE",
                "privilegesRequired": "NONE",
                "scope": "UNCHANGED",
                "userInteraction": "NONE",
                "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N",
                "version": "3.1"
              },
              "format": "CVSS",
              "scenarios": [
                {
                  "lang": "en",
                  "value": "GENERAL"
                }
              ]
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-327",
                  "description": "CWE-327 Use of a Broken or Risky Cryptographic Algorithm",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2023-04-28T01:35:26.863Z",
            "orgId": "9a959283-ebb5-44b6-b705-dcc2bbced522",
            "shortName": "ibm"
          },
          "references": [
            {
              "tags": [
                "vendor-advisory"
              ],
              "url": "https://www.ibm.com/support/pages/node/6985603"
            },
            {
              "tags": [
                "vdb-entry"
              ],
              "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/249192"
            }
          ],
          "source": {
            "discovery": "UNKNOWN"
          },
          "title": "IBM Safter Payments information disclosure",
          "x_generator": {
            "engine": "Vulnogram 0.1.0-dev"
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "9a959283-ebb5-44b6-b705-dcc2bbced522",
        "assignerShortName": "ibm",
        "cveId": "CVE-2023-27557",
        "datePublished": "2023-04-28T01:35:26.863Z",
        "dateReserved": "2023-03-02T20:39:33.983Z",
        "dateUpdated": "2025-01-30T19:33:04.499Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2020-4729 (GCVE-0-2020-4729)

    Vulnerability from nvd – Published: 2023-04-28 01:11 – Updated: 2025-01-30 20:44
    VLAI
    Title
    IBM Safer Payments denial of service
    Summary
    IBM Counter Fraud Management for Safer Payments 5.7.0.00 through 5.7.0.10, 6.0.0.00 through 6.0.0.07, 6.1.0.00 through 6.1.0.05, and 6.2.0.00 through 6.2.1.00 could allow an authenticated attacker under special circumstances to send multiple specially crafted API requests that could cause the application to crash. IBM X-Force ID: 188052.
    SSVC
    Exploitation: none Automatable: no Technical Impact: partial
    CISA Coordinator (v2.0.3)
    CWE
    • 399 Resource Management Errors
    Assigner
    ibm
    Impacted products
    Vendor Product Version
    IBM Safer Payments Affected: 5.7.0.00 , ≤ 5.7.0.10 (semver)
    Affected: 6.0.0.00 , ≤ 6.0.0.07 (semver)
    Affected: 6.1.0.00 , ≤ 6.1.0.05 (semver)
    Affected: 6.2.0.00 , ≤ 6.2.1.00 (semver)
    Create a notification for this product.
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-04T08:14:57.903Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "tags": [
                  "vendor-advisory",
                  "x_transferred"
                ],
                "url": "https://www.ibm.com/support/pages/node/6985595"
              },
              {
                "tags": [
                  "vdb-entry",
                  "x_transferred"
                ],
                "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/188052"
              }
            ],
            "title": "CVE Program Container"
          },
          {
            "metrics": [
              {
                "other": {
                  "content": {
                    "id": "CVE-2020-4729",
                    "options": [
                      {
                        "Exploitation": "none"
                      },
                      {
                        "Automatable": "no"
                      },
                      {
                        "Technical Impact": "partial"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2025-01-30T20:44:37.962162Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2025-01-30T20:44:41.326Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          }
        ],
        "cna": {
          "affected": [
            {
              "defaultStatus": "unaffected",
              "product": "Safer Payments",
              "vendor": "IBM",
              "versions": [
                {
                  "lessThanOrEqual": "5.7.0.10",
                  "status": "affected",
                  "version": "5.7.0.00",
                  "versionType": "semver"
                },
                {
                  "lessThanOrEqual": "6.0.0.07",
                  "status": "affected",
                  "version": "6.0.0.00",
                  "versionType": "semver"
                },
                {
                  "lessThanOrEqual": "6.1.0.05",
                  "status": "affected",
                  "version": "6.1.0.00",
                  "versionType": "semver"
                },
                {
                  "lessThanOrEqual": "6.2.1.00",
                  "status": "affected",
                  "version": "6.2.0.00",
                  "versionType": "semver"
                }
              ]
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "supportingMedia": [
                {
                  "base64": false,
                  "type": "text/html",
                  "value": "IBM Counter Fraud Management for Safer Payments 5.7.0.00 through 5.7.0.10, 6.0.0.00 through 6.0.0.07, 6.1.0.00 through 6.1.0.05, and 6.2.0.00 through 6.2.1.00 could allow an authenticated attacker under special circumstances to send multiple specially crafted API requests that could cause the application to crash.  IBM X-Force ID:  188052."
                }
              ],
              "value": "IBM Counter Fraud Management for Safer Payments 5.7.0.00 through 5.7.0.10, 6.0.0.00 through 6.0.0.07, 6.1.0.00 through 6.1.0.05, and 6.2.0.00 through 6.2.1.00 could allow an authenticated attacker under special circumstances to send multiple specially crafted API requests that could cause the application to crash.  IBM X-Force ID:  188052."
            }
          ],
          "metrics": [
            {
              "cvssV3_1": {
                "attackComplexity": "HIGH",
                "attackVector": "NETWORK",
                "availabilityImpact": "HIGH",
                "baseScore": 5.3,
                "baseSeverity": "MEDIUM",
                "confidentialityImpact": "NONE",
                "integrityImpact": "NONE",
                "privilegesRequired": "LOW",
                "scope": "UNCHANGED",
                "userInteraction": "NONE",
                "vectorString": "CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H",
                "version": "3.1"
              },
              "format": "CVSS",
              "scenarios": [
                {
                  "lang": "en",
                  "value": "GENERAL"
                }
              ]
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "399 Resource Management Errors",
                  "lang": "en"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2023-04-28T01:11:03.737Z",
            "orgId": "9a959283-ebb5-44b6-b705-dcc2bbced522",
            "shortName": "ibm"
          },
          "references": [
            {
              "tags": [
                "vendor-advisory"
              ],
              "url": "https://www.ibm.com/support/pages/node/6985595"
            },
            {
              "tags": [
                "vdb-entry"
              ],
              "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/188052"
            }
          ],
          "source": {
            "discovery": "UNKNOWN"
          },
          "title": "IBM Safer Payments denial of service",
          "x_generator": {
            "engine": "Vulnogram 0.1.0-dev"
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "9a959283-ebb5-44b6-b705-dcc2bbced522",
        "assignerShortName": "ibm",
        "cveId": "CVE-2020-4729",
        "datePublished": "2023-04-28T01:11:03.737Z",
        "dateReserved": "2019-12-30T00:00:00.000Z",
        "dateUpdated": "2025-01-30T20:44:41.326Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2023-27556 (GCVE-0-2023-27556)

    Vulnerability from nvd – Published: 2023-04-28 00:56 – Updated: 2025-01-30 20:45
    VLAI
    Title
    IBM Safer Payments denial of service
    Summary
    IBM Counter Fraud Management for Safer Payments 6.1.0.00, 6.2.0.00, 6.3.0.00 through 6.3.1.03, 6.4.0.00 through 6.4.2.02 and 6.5.0.00 does not properly allocate resources without limits or throttling which could allow a remote attacker to cause a denial of service. IBM X-Force ID: 249190.
    SSVC
    Exploitation: none Automatable: no Technical Impact: partial
    CISA Coordinator (v2.0.3)
    CWE
    • CWE-770 - Allocation of Resources Without Limits or Throttling
    Assigner
    ibm
    Impacted products
    Vendor Product Version
    IBM Safer Payments Affected: 6.1.0.00, 6.2.0.00, 6.5.0.00
    Affected: 6.3.0.00 , ≤ 6.3.1.03 (semver)
    Affected: 6.4.0.00 , ≤ 6.4.2.02 (semver)
    Create a notification for this product.
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-02T12:16:35.546Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "tags": [
                  "vendor-advisory",
                  "x_transferred"
                ],
                "url": "https://www.ibm.com/support/pages/node/6985601"
              },
              {
                "tags": [
                  "vdb-entry",
                  "x_transferred"
                ],
                "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/249190"
              }
            ],
            "title": "CVE Program Container"
          },
          {
            "metrics": [
              {
                "other": {
                  "content": {
                    "id": "CVE-2023-27556",
                    "options": [
                      {
                        "Exploitation": "none"
                      },
                      {
                        "Automatable": "no"
                      },
                      {
                        "Technical Impact": "partial"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2025-01-30T20:44:56.976462Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2025-01-30T20:45:01.194Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          }
        ],
        "cna": {
          "affected": [
            {
              "defaultStatus": "unaffected",
              "product": "Safer Payments",
              "vendor": "IBM",
              "versions": [
                {
                  "status": "affected",
                  "version": "6.1.0.00, 6.2.0.00, 6.5.0.00"
                },
                {
                  "lessThanOrEqual": "6.3.1.03",
                  "status": "affected",
                  "version": "6.3.0.00",
                  "versionType": "semver"
                },
                {
                  "lessThanOrEqual": "6.4.2.02",
                  "status": "affected",
                  "version": "6.4.0.00",
                  "versionType": "semver"
                }
              ]
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "supportingMedia": [
                {
                  "base64": false,
                  "type": "text/html",
                  "value": "IBM Counter Fraud Management for Safer Payments 6.1.0.00, 6.2.0.00, 6.3.0.00 through 6.3.1.03, 6.4.0.00 through 6.4.2.02 and 6.5.0.00 does not properly allocate resources without limits or throttling which could allow a remote attacker to cause a denial of service.  IBM X-Force ID:  249190."
                }
              ],
              "value": "IBM Counter Fraud Management for Safer Payments 6.1.0.00, 6.2.0.00, 6.3.0.00 through 6.3.1.03, 6.4.0.00 through 6.4.2.02 and 6.5.0.00 does not properly allocate resources without limits or throttling which could allow a remote attacker to cause a denial of service.  IBM X-Force ID:  249190."
            }
          ],
          "metrics": [
            {
              "cvssV3_1": {
                "attackComplexity": "LOW",
                "attackVector": "ADJACENT_NETWORK",
                "availabilityImpact": "HIGH",
                "baseScore": 6.5,
                "baseSeverity": "MEDIUM",
                "confidentialityImpact": "NONE",
                "integrityImpact": "NONE",
                "privilegesRequired": "NONE",
                "scope": "UNCHANGED",
                "userInteraction": "NONE",
                "vectorString": "CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
                "version": "3.1"
              },
              "format": "CVSS",
              "scenarios": [
                {
                  "lang": "en",
                  "value": "GENERAL"
                }
              ]
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-770",
                  "description": "CWE-770 Allocation of Resources Without Limits or Throttling",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2023-05-12T03:15:47.214Z",
            "orgId": "9a959283-ebb5-44b6-b705-dcc2bbced522",
            "shortName": "ibm"
          },
          "references": [
            {
              "tags": [
                "vendor-advisory"
              ],
              "url": "https://www.ibm.com/support/pages/node/6985601"
            },
            {
              "tags": [
                "vdb-entry"
              ],
              "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/249190"
            }
          ],
          "source": {
            "discovery": "UNKNOWN"
          },
          "title": "IBM Safer Payments denial of service",
          "x_generator": {
            "engine": "Vulnogram 0.1.0-dev"
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "9a959283-ebb5-44b6-b705-dcc2bbced522",
        "assignerShortName": "ibm",
        "cveId": "CVE-2023-27556",
        "datePublished": "2023-04-28T00:56:37.311Z",
        "dateReserved": "2023-03-02T20:39:33.983Z",
        "dateUpdated": "2025-01-30T20:45:01.194Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2024-45662 (GCVE-0-2024-45662)

    Vulnerability from cvelistv5 – Published: 2025-01-18 16:19 – Updated: 2025-01-21 20:43
    VLAI
    Title
    IBM Safer Payments denial of service
    Summary
    IBM Safer Payments 6.4.0.00 through 6.4.2.07, 6.5.0.00 through 6.5.0.05, and 6.6.0.00 through 6.6.0.03 could allow a remote attacker to cause a denial of service due to improper allocation of resources.
    SSVC
    Exploitation: none Automatable: yes Technical Impact: partial
    CISA Coordinator (v2.0.3)
    CWE
    • CWE-770 - Allocation of Resources Without Limits or Throttling
    Assigner
    ibm
    References
    Impacted products
    Vendor Product Version
    IBM Safer Payments Affected: 6.4.0.00 , ≤ 6.4.2.07 (semver)
    Affected: 6.5.0.00 , ≤ 6.5.0.05 (semver)
    Affected: 6.6.0.00 , ≤ 6.6.0.03 (semver)
        cpe:2.3:a:ibm:safer_payments:6.4.0.00:*:*:*:*:*:*:*
        cpe:2.3:a:ibm:safer_payments:6.4.2.07:*:*:*:*:*:*:*
        cpe:2.3:a:ibm:safer_payments:6.5.0.00:*:*:*:*:*:*:*
        cpe:2.3:a:ibm:safer_payments:6.5.0.05:*:*:*:*:*:*:*
        cpe:2.3:a:ibm:safer_payments:6.6.0.00:*:*:*:*:*:*:*
        cpe:2.3:a:ibm:safer_payments:6.6.0.03:*:*:*:*:*:*:*
    Create a notification for this product.
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "metrics": [
              {
                "other": {
                  "content": {
                    "id": "CVE-2024-45662",
                    "options": [
                      {
                        "Exploitation": "none"
                      },
                      {
                        "Automatable": "yes"
                      },
                      {
                        "Technical Impact": "partial"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2025-01-21T20:43:13.066247Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2025-01-21T20:43:58.480Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          }
        ],
        "cna": {
          "affected": [
            {
              "cpes": [
                "cpe:2.3:a:ibm:safer_payments:6.4.0.00:*:*:*:*:*:*:*",
                "cpe:2.3:a:ibm:safer_payments:6.4.2.07:*:*:*:*:*:*:*",
                "cpe:2.3:a:ibm:safer_payments:6.5.0.00:*:*:*:*:*:*:*",
                "cpe:2.3:a:ibm:safer_payments:6.5.0.05:*:*:*:*:*:*:*",
                "cpe:2.3:a:ibm:safer_payments:6.6.0.00:*:*:*:*:*:*:*",
                "cpe:2.3:a:ibm:safer_payments:6.6.0.03:*:*:*:*:*:*:*"
              ],
              "defaultStatus": "unaffected",
              "product": "Safer Payments",
              "vendor": "IBM",
              "versions": [
                {
                  "lessThanOrEqual": "6.4.2.07",
                  "status": "affected",
                  "version": "6.4.0.00",
                  "versionType": "semver"
                },
                {
                  "lessThanOrEqual": "6.5.0.05",
                  "status": "affected",
                  "version": "6.5.0.00",
                  "versionType": "semver"
                },
                {
                  "lessThanOrEqual": "6.6.0.03",
                  "status": "affected",
                  "version": "6.6.0.00",
                  "versionType": "semver"
                }
              ]
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "supportingMedia": [
                {
                  "base64": false,
                  "type": "text/html",
                  "value": "IBM Safer Payments\u0026nbsp;6.4.0.00 through 6.4.2.07, 6.5.0.00 through 6.5.0.05, and 6.6.0.00 through 6.6.0.03 could allow a remote attacker to cause a denial of service due to improper allocation of resources."
                }
              ],
              "value": "IBM Safer Payments\u00a06.4.0.00 through 6.4.2.07, 6.5.0.00 through 6.5.0.05, and 6.6.0.00 through 6.6.0.03 could allow a remote attacker to cause a denial of service due to improper allocation of resources."
            }
          ],
          "metrics": [
            {
              "cvssV3_1": {
                "attackComplexity": "LOW",
                "attackVector": "NETWORK",
                "availabilityImpact": "HIGH",
                "baseScore": 7.5,
                "baseSeverity": "HIGH",
                "confidentialityImpact": "NONE",
                "integrityImpact": "NONE",
                "privilegesRequired": "NONE",
                "scope": "UNCHANGED",
                "userInteraction": "NONE",
                "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
                "version": "3.1"
              },
              "format": "CVSS",
              "scenarios": [
                {
                  "lang": "en",
                  "value": "GENERAL"
                }
              ]
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-770",
                  "description": "CWE-770 Allocation of Resources Without Limits or Throttling",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2025-01-18T16:19:46.770Z",
            "orgId": "9a959283-ebb5-44b6-b705-dcc2bbced522",
            "shortName": "ibm"
          },
          "references": [
            {
              "tags": [
                "vendor-advisory"
              ],
              "url": "https://www.ibm.com/support/pages/node/7173765"
            }
          ],
          "source": {
            "discovery": "UNKNOWN"
          },
          "title": "IBM Safer Payments denial of service",
          "x_generator": {
            "engine": "Vulnogram 0.2.0"
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "9a959283-ebb5-44b6-b705-dcc2bbced522",
        "assignerShortName": "ibm",
        "cveId": "CVE-2024-45662",
        "datePublished": "2025-01-18T16:19:46.770Z",
        "dateReserved": "2024-09-03T13:50:34.380Z",
        "dateUpdated": "2025-01-21T20:43:58.480Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2023-27557 (GCVE-0-2023-27557)

    Vulnerability from cvelistv5 – Published: 2023-04-28 01:35 – Updated: 2025-01-30 19:33
    VLAI
    Title
    IBM Safter Payments information disclosure
    Summary
    IBM Counter Fraud Management for Safer Payments 6.1.0.00 through 6.1.1.02, 6.2.0.00 through 6.2.2.02, 6.3.0.00 through 6.3.1.02, 6.4.0.00 through 6.4.2.01, and 6.5.0.00 uses weaker than expected cryptographic algorithms that could allow an attacker to decrypt highly sensitive information. IBM X-Force ID: 249192.
    SSVC
    Exploitation: none Automatable: no Technical Impact: partial
    CISA Coordinator (v2.0.3)
    CWE
    • CWE-327 - Use of a Broken or Risky Cryptographic Algorithm
    Assigner
    ibm
    Impacted products
    Vendor Product Version
    IBM Safer Payments Affected: 6.1.0.00 , ≤ 6.1.1.02 (semver)
    Affected: 6.2.0.00 , ≤ 6.2.2.02 (semver)
    Affected: 6.3.0.00 , ≤ 6.3.1.02 (semver)
    Affected: 6.4.0.00 , ≤ 6.4.2.01 (semver)
    Affected: 6.5.0.00
    Create a notification for this product.
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-02T12:16:35.577Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "tags": [
                  "vendor-advisory",
                  "x_transferred"
                ],
                "url": "https://www.ibm.com/support/pages/node/6985603"
              },
              {
                "tags": [
                  "vdb-entry",
                  "x_transferred"
                ],
                "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/249192"
              }
            ],
            "title": "CVE Program Container"
          },
          {
            "metrics": [
              {
                "other": {
                  "content": {
                    "id": "CVE-2023-27557",
                    "options": [
                      {
                        "Exploitation": "none"
                      },
                      {
                        "Automatable": "no"
                      },
                      {
                        "Technical Impact": "partial"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2025-01-30T19:33:00.398789Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2025-01-30T19:33:04.499Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          }
        ],
        "cna": {
          "affected": [
            {
              "defaultStatus": "unaffected",
              "product": "Safer Payments",
              "vendor": "IBM",
              "versions": [
                {
                  "lessThanOrEqual": "6.1.1.02",
                  "status": "affected",
                  "version": "6.1.0.00",
                  "versionType": "semver"
                },
                {
                  "lessThanOrEqual": "6.2.2.02",
                  "status": "affected",
                  "version": "6.2.0.00",
                  "versionType": "semver"
                },
                {
                  "lessThanOrEqual": "6.3.1.02",
                  "status": "affected",
                  "version": "6.3.0.00",
                  "versionType": "semver"
                },
                {
                  "lessThanOrEqual": "6.4.2.01",
                  "status": "affected",
                  "version": "6.4.0.00",
                  "versionType": "semver"
                },
                {
                  "status": "affected",
                  "version": "6.5.0.00"
                }
              ]
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "supportingMedia": [
                {
                  "base64": false,
                  "type": "text/html",
                  "value": "IBM Counter Fraud Management for Safer Payments 6.1.0.00 through 6.1.1.02, 6.2.0.00 through 6.2.2.02, 6.3.0.00 through 6.3.1.02, 6.4.0.00 through 6.4.2.01, and 6.5.0.00 uses weaker than expected cryptographic algorithms that could allow an attacker to decrypt highly sensitive information.  IBM X-Force ID:  249192."
                }
              ],
              "value": "IBM Counter Fraud Management for Safer Payments 6.1.0.00 through 6.1.1.02, 6.2.0.00 through 6.2.2.02, 6.3.0.00 through 6.3.1.02, 6.4.0.00 through 6.4.2.01, and 6.5.0.00 uses weaker than expected cryptographic algorithms that could allow an attacker to decrypt highly sensitive information.  IBM X-Force ID:  249192."
            }
          ],
          "metrics": [
            {
              "cvssV3_1": {
                "attackComplexity": "HIGH",
                "attackVector": "NETWORK",
                "availabilityImpact": "NONE",
                "baseScore": 5.9,
                "baseSeverity": "MEDIUM",
                "confidentialityImpact": "HIGH",
                "integrityImpact": "NONE",
                "privilegesRequired": "NONE",
                "scope": "UNCHANGED",
                "userInteraction": "NONE",
                "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N",
                "version": "3.1"
              },
              "format": "CVSS",
              "scenarios": [
                {
                  "lang": "en",
                  "value": "GENERAL"
                }
              ]
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-327",
                  "description": "CWE-327 Use of a Broken or Risky Cryptographic Algorithm",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2023-04-28T01:35:26.863Z",
            "orgId": "9a959283-ebb5-44b6-b705-dcc2bbced522",
            "shortName": "ibm"
          },
          "references": [
            {
              "tags": [
                "vendor-advisory"
              ],
              "url": "https://www.ibm.com/support/pages/node/6985603"
            },
            {
              "tags": [
                "vdb-entry"
              ],
              "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/249192"
            }
          ],
          "source": {
            "discovery": "UNKNOWN"
          },
          "title": "IBM Safter Payments information disclosure",
          "x_generator": {
            "engine": "Vulnogram 0.1.0-dev"
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "9a959283-ebb5-44b6-b705-dcc2bbced522",
        "assignerShortName": "ibm",
        "cveId": "CVE-2023-27557",
        "datePublished": "2023-04-28T01:35:26.863Z",
        "dateReserved": "2023-03-02T20:39:33.983Z",
        "dateUpdated": "2025-01-30T19:33:04.499Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2020-4729 (GCVE-0-2020-4729)

    Vulnerability from cvelistv5 – Published: 2023-04-28 01:11 – Updated: 2025-01-30 20:44
    VLAI
    Title
    IBM Safer Payments denial of service
    Summary
    IBM Counter Fraud Management for Safer Payments 5.7.0.00 through 5.7.0.10, 6.0.0.00 through 6.0.0.07, 6.1.0.00 through 6.1.0.05, and 6.2.0.00 through 6.2.1.00 could allow an authenticated attacker under special circumstances to send multiple specially crafted API requests that could cause the application to crash. IBM X-Force ID: 188052.
    SSVC
    Exploitation: none Automatable: no Technical Impact: partial
    CISA Coordinator (v2.0.3)
    CWE
    • 399 Resource Management Errors
    Assigner
    ibm
    Impacted products
    Vendor Product Version
    IBM Safer Payments Affected: 5.7.0.00 , ≤ 5.7.0.10 (semver)
    Affected: 6.0.0.00 , ≤ 6.0.0.07 (semver)
    Affected: 6.1.0.00 , ≤ 6.1.0.05 (semver)
    Affected: 6.2.0.00 , ≤ 6.2.1.00 (semver)
    Create a notification for this product.
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-04T08:14:57.903Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "tags": [
                  "vendor-advisory",
                  "x_transferred"
                ],
                "url": "https://www.ibm.com/support/pages/node/6985595"
              },
              {
                "tags": [
                  "vdb-entry",
                  "x_transferred"
                ],
                "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/188052"
              }
            ],
            "title": "CVE Program Container"
          },
          {
            "metrics": [
              {
                "other": {
                  "content": {
                    "id": "CVE-2020-4729",
                    "options": [
                      {
                        "Exploitation": "none"
                      },
                      {
                        "Automatable": "no"
                      },
                      {
                        "Technical Impact": "partial"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2025-01-30T20:44:37.962162Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2025-01-30T20:44:41.326Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          }
        ],
        "cna": {
          "affected": [
            {
              "defaultStatus": "unaffected",
              "product": "Safer Payments",
              "vendor": "IBM",
              "versions": [
                {
                  "lessThanOrEqual": "5.7.0.10",
                  "status": "affected",
                  "version": "5.7.0.00",
                  "versionType": "semver"
                },
                {
                  "lessThanOrEqual": "6.0.0.07",
                  "status": "affected",
                  "version": "6.0.0.00",
                  "versionType": "semver"
                },
                {
                  "lessThanOrEqual": "6.1.0.05",
                  "status": "affected",
                  "version": "6.1.0.00",
                  "versionType": "semver"
                },
                {
                  "lessThanOrEqual": "6.2.1.00",
                  "status": "affected",
                  "version": "6.2.0.00",
                  "versionType": "semver"
                }
              ]
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "supportingMedia": [
                {
                  "base64": false,
                  "type": "text/html",
                  "value": "IBM Counter Fraud Management for Safer Payments 5.7.0.00 through 5.7.0.10, 6.0.0.00 through 6.0.0.07, 6.1.0.00 through 6.1.0.05, and 6.2.0.00 through 6.2.1.00 could allow an authenticated attacker under special circumstances to send multiple specially crafted API requests that could cause the application to crash.  IBM X-Force ID:  188052."
                }
              ],
              "value": "IBM Counter Fraud Management for Safer Payments 5.7.0.00 through 5.7.0.10, 6.0.0.00 through 6.0.0.07, 6.1.0.00 through 6.1.0.05, and 6.2.0.00 through 6.2.1.00 could allow an authenticated attacker under special circumstances to send multiple specially crafted API requests that could cause the application to crash.  IBM X-Force ID:  188052."
            }
          ],
          "metrics": [
            {
              "cvssV3_1": {
                "attackComplexity": "HIGH",
                "attackVector": "NETWORK",
                "availabilityImpact": "HIGH",
                "baseScore": 5.3,
                "baseSeverity": "MEDIUM",
                "confidentialityImpact": "NONE",
                "integrityImpact": "NONE",
                "privilegesRequired": "LOW",
                "scope": "UNCHANGED",
                "userInteraction": "NONE",
                "vectorString": "CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H",
                "version": "3.1"
              },
              "format": "CVSS",
              "scenarios": [
                {
                  "lang": "en",
                  "value": "GENERAL"
                }
              ]
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "399 Resource Management Errors",
                  "lang": "en"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2023-04-28T01:11:03.737Z",
            "orgId": "9a959283-ebb5-44b6-b705-dcc2bbced522",
            "shortName": "ibm"
          },
          "references": [
            {
              "tags": [
                "vendor-advisory"
              ],
              "url": "https://www.ibm.com/support/pages/node/6985595"
            },
            {
              "tags": [
                "vdb-entry"
              ],
              "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/188052"
            }
          ],
          "source": {
            "discovery": "UNKNOWN"
          },
          "title": "IBM Safer Payments denial of service",
          "x_generator": {
            "engine": "Vulnogram 0.1.0-dev"
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "9a959283-ebb5-44b6-b705-dcc2bbced522",
        "assignerShortName": "ibm",
        "cveId": "CVE-2020-4729",
        "datePublished": "2023-04-28T01:11:03.737Z",
        "dateReserved": "2019-12-30T00:00:00.000Z",
        "dateUpdated": "2025-01-30T20:44:41.326Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2023-27556 (GCVE-0-2023-27556)

    Vulnerability from cvelistv5 – Published: 2023-04-28 00:56 – Updated: 2025-01-30 20:45
    VLAI
    Title
    IBM Safer Payments denial of service
    Summary
    IBM Counter Fraud Management for Safer Payments 6.1.0.00, 6.2.0.00, 6.3.0.00 through 6.3.1.03, 6.4.0.00 through 6.4.2.02 and 6.5.0.00 does not properly allocate resources without limits or throttling which could allow a remote attacker to cause a denial of service. IBM X-Force ID: 249190.
    SSVC
    Exploitation: none Automatable: no Technical Impact: partial
    CISA Coordinator (v2.0.3)
    CWE
    • CWE-770 - Allocation of Resources Without Limits or Throttling
    Assigner
    ibm
    Impacted products
    Vendor Product Version
    IBM Safer Payments Affected: 6.1.0.00, 6.2.0.00, 6.5.0.00
    Affected: 6.3.0.00 , ≤ 6.3.1.03 (semver)
    Affected: 6.4.0.00 , ≤ 6.4.2.02 (semver)
    Create a notification for this product.
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-02T12:16:35.546Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "tags": [
                  "vendor-advisory",
                  "x_transferred"
                ],
                "url": "https://www.ibm.com/support/pages/node/6985601"
              },
              {
                "tags": [
                  "vdb-entry",
                  "x_transferred"
                ],
                "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/249190"
              }
            ],
            "title": "CVE Program Container"
          },
          {
            "metrics": [
              {
                "other": {
                  "content": {
                    "id": "CVE-2023-27556",
                    "options": [
                      {
                        "Exploitation": "none"
                      },
                      {
                        "Automatable": "no"
                      },
                      {
                        "Technical Impact": "partial"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2025-01-30T20:44:56.976462Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2025-01-30T20:45:01.194Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          }
        ],
        "cna": {
          "affected": [
            {
              "defaultStatus": "unaffected",
              "product": "Safer Payments",
              "vendor": "IBM",
              "versions": [
                {
                  "status": "affected",
                  "version": "6.1.0.00, 6.2.0.00, 6.5.0.00"
                },
                {
                  "lessThanOrEqual": "6.3.1.03",
                  "status": "affected",
                  "version": "6.3.0.00",
                  "versionType": "semver"
                },
                {
                  "lessThanOrEqual": "6.4.2.02",
                  "status": "affected",
                  "version": "6.4.0.00",
                  "versionType": "semver"
                }
              ]
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "supportingMedia": [
                {
                  "base64": false,
                  "type": "text/html",
                  "value": "IBM Counter Fraud Management for Safer Payments 6.1.0.00, 6.2.0.00, 6.3.0.00 through 6.3.1.03, 6.4.0.00 through 6.4.2.02 and 6.5.0.00 does not properly allocate resources without limits or throttling which could allow a remote attacker to cause a denial of service.  IBM X-Force ID:  249190."
                }
              ],
              "value": "IBM Counter Fraud Management for Safer Payments 6.1.0.00, 6.2.0.00, 6.3.0.00 through 6.3.1.03, 6.4.0.00 through 6.4.2.02 and 6.5.0.00 does not properly allocate resources without limits or throttling which could allow a remote attacker to cause a denial of service.  IBM X-Force ID:  249190."
            }
          ],
          "metrics": [
            {
              "cvssV3_1": {
                "attackComplexity": "LOW",
                "attackVector": "ADJACENT_NETWORK",
                "availabilityImpact": "HIGH",
                "baseScore": 6.5,
                "baseSeverity": "MEDIUM",
                "confidentialityImpact": "NONE",
                "integrityImpact": "NONE",
                "privilegesRequired": "NONE",
                "scope": "UNCHANGED",
                "userInteraction": "NONE",
                "vectorString": "CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
                "version": "3.1"
              },
              "format": "CVSS",
              "scenarios": [
                {
                  "lang": "en",
                  "value": "GENERAL"
                }
              ]
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-770",
                  "description": "CWE-770 Allocation of Resources Without Limits or Throttling",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2023-05-12T03:15:47.214Z",
            "orgId": "9a959283-ebb5-44b6-b705-dcc2bbced522",
            "shortName": "ibm"
          },
          "references": [
            {
              "tags": [
                "vendor-advisory"
              ],
              "url": "https://www.ibm.com/support/pages/node/6985601"
            },
            {
              "tags": [
                "vdb-entry"
              ],
              "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/249190"
            }
          ],
          "source": {
            "discovery": "UNKNOWN"
          },
          "title": "IBM Safer Payments denial of service",
          "x_generator": {
            "engine": "Vulnogram 0.1.0-dev"
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "9a959283-ebb5-44b6-b705-dcc2bbced522",
        "assignerShortName": "ibm",
        "cveId": "CVE-2023-27556",
        "datePublished": "2023-04-28T00:56:37.311Z",
        "dateReserved": "2023-03-02T20:39:33.983Z",
        "dateUpdated": "2025-01-30T20:45:01.194Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }