Lucene search

IbmCVE-2022-22423

HistorySep 23, 2022 - 6:15 p.m.

CVE-2022-22423

2022-09-2318:15:10

CWE-20

ibm

web.nvd.nist.gov

ibm

common cryptographic architecture

cca

5.x

7.x

mtm

4767

4769

denial of service

input validation

ibm x-force

223596

nvd

CVSS3

5.5

Attack Vector

LOCAL

Attack Complexity

LOW

Privileges Required

LOW

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

HIGH

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H

AI Score

5.3

Confidence

High

EPSS

Percentile

5.1%

JSON

IBM Common Cryptographic Architecture (CCA 5.x MTM for 4767 and CCA 7.x MTM for 4769) could allow a local user to cause a denial of service due to improper input validation. IBM X-Force ID: 223596.

Affected configurations

Nvd

Vulners

Node

ibmcommon_cryptographic_architectureRange5.0.0–5.7.12mtm_for_4767

AND

ibmaixMatch-

ibmiMatch-

linuxlinux_kernelMatch-

Node

ibmcommon_cryptographic_architectureRange7.0.0–7.3.44mtm_for_4769

AND

ibmaixMatch-

ibmiMatch-

ibmpowerlinuxMatch-

linuxlinux_kernelMatch-

VendorProductVersionCPE
ibmcommon_cryptographic_architecture*cpe:2.3:a:ibm:common_cryptographic_architecture:*:*:*:*:mtm_for_4767:*:*:*
ibmaix-cpe:2.3:o:ibm:aix:-:*:*:*:*:*:*:*
ibmi-cpe:2.3:o:ibm:i:-:*:*:*:*:*:*:*
linuxlinux_kernel-cpe:2.3:o:linux:linux_kernel:-:*:*:*:*:*:*:*
ibmcommon_cryptographic_architecture*cpe:2.3:a:ibm:common_cryptographic_architecture:*:*:*:*:mtm_for_4769:*:*:*
ibmpowerlinux-cpe:2.3:o:ibm:powerlinux:-:*:*:*:*:*:*:*

Vendor	Product	Version	CPE
ibm	common_cryptographic_architecture	*	cpe:2.3:a:ibm:common_cryptographic_architecture:::::mtm_for_4767:::*
ibm	aix	-	cpe:2.3:o:ibm:aix:-:::::::*
ibm	i	-	cpe:2.3:o:ibm:i:-:::::::*
linux	linux_kernel	-	cpe:2.3:o:linux:linux_kernel:-:::::::*
ibm	common_cryptographic_architecture	*	cpe:2.3:a:ibm:common_cryptographic_architecture:::::mtm_for_4769:::*
ibm	powerlinux	-	cpe:2.3:o:ibm:powerlinux:-:::::::*

CNA Affected

[
  {
    "product": "CCA for MTM 4767",
    "vendor": "IBM",
    "versions": [
      {
        "status": "affected",
        "version": "5.7.11"
      },
      {
        "status": "affected",
        "version": "5.0"
      },
      {
        "status": "affected",
        "version": "5.1"
      },
      {
        "status": "affected",
        "version": "5.2"
      },
      {
        "status": "affected",
        "version": "5.3"
      },
      {
        "status": "affected",
        "version": "5.4"
      },
      {
        "status": "affected",
        "version": "5.5"
      },
      {
        "status": "affected",
        "version": "5.6"
      },
      {
        "status": "affected",
        "version": "5.7"
      },
      {
        "status": "affected",
        "version": "7.0"
      },
      {
        "status": "affected",
        "version": "7.1"
      },
      {
        "status": "affected",
        "version": "7.2"
      },
      {
        "status": "affected",
        "version": "7.3"
      },
      {
        "status": "affected",
        "version": "7.3.43"
      }
    ]
  }
]

References

exchange.xforce.ibmcloud.com/vulnerabilities/223596

www.ibm.com/support/pages/node/6695893

Social References

CVSS3

5.5

Attack Vector

LOCAL

Attack Complexity

LOW

Privileges Required

LOW

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

HIGH

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H

AI Score

5.3

Confidence

High

EPSS

Percentile

5.1%

JSON

Related for CVE-2022-22423