Lucene search
IbmCVELIST:CVE-2022-35282HistorySep 28, 2022 - 3:55 p.m.
CVE-2022-35282
2022-09-2815:55:14
ibm
www.cve.org
4
ibm
websphere
ssrf
vulnerability
sensitive data
CVSS3
4.3
Attack Vector
ADJACENT
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
LOW
Integrity Impact
NONE
Availability Impact
NONE
CVSS:3.0/AV:A/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N/E:U/RL:O/RC:C
EPSS
0.001
Percentile
17.7%
IBM WebSphere Application Server 7.0, 8.0, 8.5, and 9.0 is vulnerable to server-side request forgery (SSRF). By sending a specially crafted request, an attacker with local network access could exploit this vulnerability to obtain sensitive data.
CNA Affected
[
{
"product": "WebSphere Application Server",
"vendor": "IBM",
"versions": [
{
"status": "affected",
"version": "7.0"
},
{
"status": "affected",
"version": "8.0"
},
{
"status": "affected",
"version": "8.5"
},
{
"status": "affected",
"version": "9.0"
}
]
}
]Related
cnvd
cnvd
IBM WebSphere Application Server Code Issue Vulnerability (CNVD-2022-66768)
2022-09-29 00:00:00
ibm
ibm
cve
cve
CVE-2022-35282
2022-09-28 16:15:11
nessus
nessus
IBM WebSphere Application SSRF (6824179)
2022-09-30 00:00:00
prion
prion
Server side request forgery (ssrf)
2022-09-28 16:15:00
nvd
nvd
CVE-2022-35282
2022-09-28 16:15:11
CVSS3
4.3
Attack Vector
ADJACENT
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
LOW
Integrity Impact
NONE
Availability Impact
NONE
CVSS:3.0/AV:A/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N/E:U/RL:O/RC:C
EPSS
0.001
Percentile
17.7%
Related for CVELIST:CVE-2022-35282