Lucene search
IbmCVE-2022-40230HistoryNov 03, 2022 - 8:15 p.m.
CVE-2022-40230
2022-11-0320:15:31
CWE-613
ibm
web.nvd.nist.gov
37
3
ibm
mq appliance
security
vulnerability
logout
impersonation
CVSS3
6.5
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
LOW
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
NONE
Integrity Impact
HIGH
Availability Impact
NONE
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N
AI Score
6.1
Confidence
High
EPSS
0.001
Percentile
19.7%
“IBM MQ Appliance 9.2 CD, 9.2 LTS, 9.3 CD, and LTS 9.3 does not invalidate session after logout which could allow an authenticated user to impersonate another user on the system. IBM X-Force ID: 235532.”
Affected configurations
Node
ibmmq_applianceMatch9.2.0.0continuous_delivery
ORibmmq_applianceMatch9.2.0.0lts
ORibmmq_applianceMatch9.3.0.0continuous_delivery
ORibmmq_applianceMatch9.3.0.0lts
| Vendor | Product | Version | CPE |
|---|---|---|---|
| ibm | mq_appliance | 9.2.0.0 | cpe:2.3:a:ibm:mq_appliance:9.2.0.0:*:*:*:continuous_delivery:*:*:* |
| ibm | mq_appliance | 9.2.0.0 | cpe:2.3:a:ibm:mq_appliance:9.2.0.0:*:*:*:lts:*:*:* |
| ibm | mq_appliance | 9.3.0.0 | cpe:2.3:a:ibm:mq_appliance:9.3.0.0:*:*:*:continuous_delivery:*:*:* |
| ibm | mq_appliance | 9.3.0.0 | cpe:2.3:a:ibm:mq_appliance:9.3.0.0:*:*:*:lts:*:*:* |
CNA Affected
[
{
"vendor": "n/a",
"product": "IBM MQ Appliance ",
"versions": [
{
"version": "\"9.2 CD, 9.2 LTS, 9.3 CD, and LTS 9.3\"",
"status": "affected"
}
]
}
]References
Social References
More
Related
cvelist
cvelist
CVE-2022-40230
2022-11-03 00:00:00
ibm
ibm
veracode
veracode
Insecure Session Management
2022-11-08 16:14:44
prion
prion
Code injection
2022-11-03 20:15:00
nvd
nvd
CVE-2022-40230
2022-11-03 20:15:31
CVSS3
6.5
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
LOW
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
NONE
Integrity Impact
HIGH
Availability Impact
NONE
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N
AI Score
6.1
Confidence
High
EPSS
0.001
Percentile
19.7%
Related for CVE-2022-40230