Lucene search

IbmCVE-2022-43901

HistoryDec 01, 2022 - 7:15 p.m.

CVE-2022-43901

2022-12-0119:15:10

CWE-200

CWE-668

ibm

web.nvd.nist.gov

ibm

websphere

automation

cloud pak

watson

aiops

cve-2022-43901

vulnerability

information disclosure

ibm x-force

CVSS3

5.7

Attack Vector

ADJACENT

Attack Complexity

LOW

Privileges Required

LOW

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

NONE

Availability Impact

NONE

CVSS:3.1/AV:A/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N

AI Score

5.2

Confidence

High

EPSS

Percentile

5.1%

JSON

IBM WebSphere Automation for IBM Cloud Pak for Watson AIOps 1.4.3 could disclose sensitive information. An authenticated local attacker could exploit this vulnerability to possibly gain information to other IBM WebSphere Automation for IBM Cloud Pak for Watson AIOps components. IBM X-Force ID: 240829.

Affected configurations

Nvd

Vulners

Node

ibmwebsphere_automation_for_ibm_cloud_pak_for_watson_aiopsRange<1.4.3

VendorProductVersionCPE
ibmwebsphere_automation_for_ibm_cloud_pak_for_watson_aiops*cpe:2.3:a:ibm:websphere_automation_for_ibm_cloud_pak_for_watson_aiops:*:*:*:*:*:*:*:*

Vendor	Product	Version	CPE
ibm	websphere_automation_for_ibm_cloud_pak_for_watson_aiops	*	cpe:2.3:a:ibm:websphere_automation_for_ibm_cloud_pak_for_watson_aiops::::::::

CNA Affected

[
  {
    "defaultStatus": "unaffected",
    "product": "WebSphere Automation for Cloud Pak for Watson AIOps",
    "vendor": "IBM",
    "versions": [
      {
        "status": "affected",
        "version": "1.4.3"
      }
    ]
  }
]

References

exchange.xforce.ibmcloud.com/vulnerabilities/240829

www.ibm.com/support/pages/node/6842605

CVSS3

5.7

Attack Vector

ADJACENT

Attack Complexity

LOW

Privileges Required

LOW

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

NONE

Availability Impact

NONE

CVSS:3.1/AV:A/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N

AI Score

5.2

Confidence

High

EPSS

Percentile

5.1%

JSON

Related for CVE-2022-43901