{"resultsPerPage":1,"startIndex":0,"totalResults":1,"format":"NVD_CVE","version":"2.0","timestamp":"2026-04-30T06:01:41.238","vulnerabilities":[{"cve":{"id":"CVE-2024-23621","sourceIdentifier":"disclosures@exodusintel.com","published":"2024-01-26T00:15:09.957","lastModified":"2024-11-21T08:58:01.583","vulnStatus":"Modified","cveTags":[],"descriptions":[{"lang":"en","value":"A buffer overflow exists in IBM Merge Healthcare eFilm Workstation license server. A remote, unauthenticated attacker can exploit this vulnerability to achieve remote code execution."},{"lang":"es","value":"Existe un desbordamiento de búfer en el servidor de licencias de IBM Merge Healthcare eFilm Workstation. Un atacante remoto no autenticado puede aprovechar esta vulnerabilidad para lograr la ejecución remota de código."}],"metrics":{"cvssMetricV31":[{"source":"disclosures@exodusintel.com","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H","baseScore":10.0,"baseSeverity":"CRITICAL","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"NONE","scope":"CHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"HIGH"},"exploitabilityScore":3.9,"impactScore":6.0},{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H","baseScore":9.8,"baseSeverity":"CRITICAL","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"HIGH"},"exploitabilityScore":3.9,"impactScore":5.9}],"cvssMetricV2":[{"source":"disclosures@exodusintel.com","type":"Secondary","cvssData":{"version":"2.0","vectorString":"AV:N/AC:L/Au:N/C:C/I:C/A:C","baseScore":10.0,"accessVector":"NETWORK","accessComplexity":"LOW","authentication":"NONE","confidentialityImpact":"COMPLETE","integrityImpact":"COMPLETE","availabilityImpact":"COMPLETE"},"baseSeverity":"HIGH","exploitabilityScore":10.0,"impactScore":10.0,"acInsufInfo":false,"obtainAllPrivilege":false,"obtainUserPrivilege":false,"obtainOtherPrivilege":false,"userInteractionRequired":false}]},"weaknesses":[{"source":"disclosures@exodusintel.com","type":"Secondary","description":[{"lang":"en","value":"CWE-131"}]},{"source":"nvd@nist.gov","type":"Primary","description":[{"lang":"en","value":"CWE-120"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:ibm:merge_efilm_workstation:*:*:*:*:*:*:*:*","versionEndIncluding":"4.2","matchCriteriaId":"6BD4D17F-7208-4C0C-8CDA-39EE7FEEE431"}]}]}],"references":[{"url":"https://blog.exodusintel.com/2024/01/25/ibm-merge-healthcare-efilm-workstation-license-server-buffer-overflow/","source":"disclosures@exodusintel.com","tags":["Third Party Advisory"]},{"url":"https://blog.exodusintel.com/2024/01/25/ibm-merge-healthcare-efilm-workstation-license-server-buffer-overflow/","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Third Party Advisory"]}]}}]}