3.3
CVE-2022-22426
- EPSS 0.04%
- Veröffentlicht 10.06.2022 16:15:07
- Zuletzt bearbeitet 21.11.2024 06:46:47
- Quelle psirt@us.ibm.com
- CVE-Watchlists
- Unerledigt
LoginIBM Spectrum Copy Data Management Admin 2.2.0.0 through 2.2.15.0 could allow a local attacker to bypass authentication restrictions, caused by the lack of proper session management. An attacker could exploit this vulnerability to bypass authentication and gain unauthorized access to the Spectrum Copy Data Management catalog which contains metadata. IBM X-Force ID: 223718.
Daten sind bereitgestellt durch National Vulnerability Database (NVD)
Ibm ≫ Spectrum Copy Data Management Version >= 2.2.0.0 <= 2.2.15.0
| Typ | Quelle | Score | Percentile |
|---|---|---|---|
| EPSS | FIRST.org | 0.04% | 0.101 |
| Quelle | Base Score | Exploit Score | Impact Score | Vector String |
|---|---|---|---|---|
| nvd@nist.gov | 3.3 | 1.8 | 1.4 |
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N
|
| nvd@nist.gov | 2.1 | 3.9 | 2.9 |
AV:L/AC:L/Au:N/C:P/I:N/A:N
|
| psirt@us.ibm.com | 2.9 | 1.4 | 1.4 |
CVSS:3.0/AV:L/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:N
|