Lucene search

IbmCVELIST:CVE-2022-22385

HistoryOct 17, 2023 - 1:11 a.m.

CVE-2022-22385 IBM Security Verify Privilege information disclosure

2023-10-1701:11:48

CWE-319

ibm

www.cve.org

ibm

security verify privilege

information disclosure

clear text transmission

CVSS3

5.9

Attack Vector

NETWORK

Attack Complexity

HIGH

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

NONE

Availability Impact

NONE

CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N

AI Score

Confidence

High

EPSS

0.001

Percentile

31.8%

JSON

IBM Security Verify Privilege On-Premises 11.5 could disclose sensitive information to an attacked due to the transmission of data in clear text. IBM X-Force ID: 221962.

CNA Affected

[
  {
    "defaultStatus": "unaffected",
    "product": "Security Verify Privilege",
    "vendor": "IBM",
    "versions": [
      {
        "status": "affected",
        "version": "11.5"
      }
    ]
  }
]

References

exchange.xforce.ibmcloud.com/vulnerabilities/221962

www.ibm.com/support/pages/node/7047202

CVSS3

5.9

Attack Vector

NETWORK

Attack Complexity

HIGH

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

NONE

Availability Impact

NONE

CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N

AI Score

Confidence

High

EPSS

0.001

Percentile

31.8%

JSON

Related for CVELIST:CVE-2022-22385