CVE-2023-28523

HIGH

IBM Informix Dynamic Server <14.10 - Buffer Overflow

Title source: llm
STIX 2.1

Description

IBM Informix Dynamic Server 12.10 and 14.10 onsmsync is vulnerable to a heap buffer overflow, caused by improper bounds checking which could allow an attacker to execute arbitrary code. IBM X-Force ID: 250753.

References (2)

Core 2
Core References
Vendor Advisory vendor-advisory
https://www.ibm.com/support/pages/node/7070188

Scores

CVSS v3 8.4
EPSS 0.0004
EPSS Percentile 11.3%
Attack Vector LOCAL
CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

CISA SSVC

Vulnrichment
Exploitation none
Automatable no
Technical Impact total

Details

CWE
CWE-122 CWE-787
Status published
Products (3)
ibm/informix_dynamic_server 12.10
ibm/informix_dynamic_server 14.10
ibm/informix_dynamic_server_on_cloud_pak_for_data
Published Dec 09, 2023
Tracked Since Feb 18, 2026