Lucene search
IbmCVE-2022-38385HistoryNov 15, 2022 - 9:15 p.m.
CVE-2022-38385
2022-11-1521:15:37
CWE-20
ibm
web.nvd.nist.gov
39
5
ibm
cloud pak
security
cp4s
vulnerability
input validation
CVSS3
8.1
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
LOW
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
NONE
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:N
AI Score
7.5
Confidence
High
EPSS
0.001
Percentile
34.4%
IBM Cloud Pak for Security (CP4S) 1.10.0.0 through 1.10.2.0 could allow an authenticated user to obtain highly sensitive information or perform unauthorized actions due to improper input validation. IBM X-Force ID: 233777.
Affected configurations
Node
ibmcloud_pak_for_securityRange1.10.0.0–1.10.2.0
linuxlinux_kernelMatch-
| Vendor | Product | Version | CPE |
|---|---|---|---|
| ibm | cloud_pak_for_security | * | cpe:2.3:a:ibm:cloud_pak_for_security:*:*:*:*:*:*:*:* |
| linux | linux_kernel | - | cpe:2.3:o:linux:linux_kernel:-:*:*:*:*:*:*:* |
CNA Affected
[
{
"defaultStatus": "unaffected",
"product": "Cloud Pak for Security ",
"vendor": "IBM",
"versions": [
{
"lessThan": "1.10.2.0",
"status": "affected",
"version": "1.10.0.0",
"versionType": "custom"
}
]
}
]Social References
More
Related
cvelist
cvelist
CVE-2022-38385
2022-11-11 18:19:55
prion
prion
Input validation
2022-11-15 21:15:00
ibm
ibm
nvd
nvd
CVE-2022-38385
2022-11-15 21:15:37
CVSS3
8.1
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
LOW
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
NONE
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:N
AI Score
7.5
Confidence
High
EPSS
0.001
Percentile
34.4%
Related for CVE-2022-38385