Lucene search

IbmCVE-2022-32752

HistoryJun 15, 2023 - 3:15 a.m.

CVE-2022-32752

2023-06-1503:15:09

CWE-78

ibm

web.nvd.nist.gov

ibm

security

directory suite

cve-2022-32752

remote authenticated

arbitrary commands

CVSS3

8.8

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

LOW

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

AI Score

8.4

Confidence

High

EPSS

0.001

Percentile

46.2%

JSON

IBM Security Directory Suite VA 8.0.1 through 8.0.1.19 could allow a remote authenticated attacker to execute arbitrary commands on the system by sending a specially crafted request. IBM X-Force ID: 228439.

Affected configurations

Nvd

Vulners

Node

ibmsecurity_directory_suite_vaRange8.0.1–8.0.1.19

VendorProductVersionCPE
ibmsecurity_directory_suite_va*cpe:2.3:a:ibm:security_directory_suite_va:*:*:*:*:*:*:*:*

Vendor	Product	Version	CPE
ibm	security_directory_suite_va	*	cpe:2.3:a:ibm:security_directory_suite_va::::::::

CNA Affected

[
  {
    "defaultStatus": "unaffected",
    "product": "Security Directory Suite VA",
    "vendor": "IBM",
    "versions": [
      {
        "lessThanOrEqual": "8.0.1.19",
        "status": "affected",
        "version": "8.0.1",
        "versionType": "semver"
      }
    ]
  }
]

References

exchange.xforce.ibmcloud.com/vulnerabilities/228439

www.ibm.com/support/pages/node/7001693

CVSS3

8.8

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

LOW

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

AI Score

8.4

Confidence

High

EPSS

0.001

Percentile

46.2%

JSON

Related for CVE-2022-32752