Lucene search

IbmCVELIST:CVE-2022-22375

HistoryOct 17, 2023 - 1:21 a.m.

CVE-2022-22375 IBM Security Verify Privilege command execution

2023-10-1701:21:58

CWE-434

ibm

www.cve.org

ibm

security verify privilege

command execution

vulnerability

CVSS3

7.2

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

HIGH

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H

AI Score

8.5

Confidence

High

EPSS

0.001

Percentile

30.2%

JSON

IBM Security Verify Privilege On-Premises 11.5 could allow a remote authenticated attacker to execute arbitrary commands on the system by sending a specially crafted request. IBM X-Force ID: 221681.

CNA Affected

[
  {
    "defaultStatus": "unaffected",
    "product": "Security Verify Privilege",
    "vendor": "IBM",
    "versions": [
      {
        "status": "affected",
        "version": "11.5"
      }
    ]
  }
]

References

exchange.xforce.ibmcloud.com/vulnerabilities/221681

www.ibm.com/support/pages/node/7047202

CVSS3

7.2

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

HIGH

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H

AI Score

8.5

Confidence

High

EPSS

0.001

Percentile

30.2%

JSON

Related for CVELIST:CVE-2022-22375