Lucene search

IBMEE760516EA5BFB0BA8A605A92BB758CEA5CAD8C03E1D3EF2C0AB0971FA57DD72

HistoryJul 21, 2022 - 10:52 a.m.

Security Bulletin: A security vulnerability has been identified in WebSphere® Application Server shipped with IBM® Intelligent Operations Center (CVE-2022-22365)

2022-07-2110:52:54

www.ibm.com

ibm

websphere application server

intelligent operations center

cve-2022-22365

security bulletin

CVSS2

4.3

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

PARTIAL

Availability Impact

NONE

AV:N/AC:M/Au:N/C:N/I:P/A:N

CVSS3

5.9

Attack Vector

NETWORK

Attack Complexity

HIGH

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

NONE

Integrity Impact

HIGH

Availability Impact

NONE

CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N

EPSS

0.001

Percentile

24.2%

JSON

Summary

IBM WebSphere® Application Server is shipped with IBM® Intelligent Operations Center. Information about a security vulnerability affecting IBM WebSphere® Application Server has been published in a security bulletin.

Vulnerability Details

Refer to the security bulletin(s) listed in the Remediation/Fixes section

Affected Products and Versions

Affected Product(s)	Version(s)
IBM® Intelligent Operations Center V1.5.0, V1.5.0.1, V1.5.0.2, V1.6.0, V1.6.0.1, V1.6.0.2, V1.6.0.3, V5.1.0, V5.1.0.1, V5.1.0.2, V5.1.0.3, V5.1.0.4, V5.1.0.5, V5.1.0.6, V5.1.0.7, V5.1.0.8, V5.1.0.9, V5.1.0.10, V5.1.0.11, V5.1.0.12, V5.1.0.13, V5.1.0.14, V5.2.0, V5.2.1 and V5.2.2	IBM WebSphere® Application Server V7.0, V8.0, V8.5, V9.0, and Liberty

Remediation/Fixes

Download the correct version of the fix from the following link: Security Bulletin: IBM WebSphere Application Server is vulnerable to Spoofing (CVE-2022-22365) . Installation instructions for the fix are included in the readme document that is in the fix package.

Workarounds and Mitigations

None

Affected configurations

Vulners

Node

ibmintelligent_operations_center_for_emergency_managementMatch1.6

ibmintelligent_operations_center_for_emergency_managementMatch5.1.0

ibmintelligent_operations_center_for_emergency_managementMatch5.1.0.1

ibmintelligent_operations_center_for_emergency_managementMatch5.1.0.2

ibmintelligent_operations_center_for_emergency_managementMatch5.1.0.3

ibmintelligent_operations_center_for_emergency_managementMatch5.1.0.4

ibmintelligent_operations_center_for_emergency_managementMatch5.1.0.5

ibmintelligent_operations_center_for_emergency_managementMatch5.1.0.6

ibmintelligent_operations_centerMatch1.5.0

ibmintelligent_operations_centerMatch1.5.0.1

ibmintelligent_operations_centerMatch1.5.0.2

ibmintelligent_operations_centerMatch1.6.0

ibmintelligent_operations_centerMatch1.6.0.1

ibmintelligent_operations_centerMatch1.6.0.2

ibmintelligent_operations_centerMatch1.6.0.3

ibmintelligent_operations_centerMatch5.1.0

ibmintelligent_operations_centerMatch5.1.0.1

ibmintelligent_operations_centerMatch5.1.0.2

ibmintelligent_operations_centerMatch5.1.0.3

ibmintelligent_operations_centerMatch5.1.0.4

ibmintelligent_operations_centerMatch5.1.0.5

ibmintelligent_operations_centerMatch5.1.0.6

ibmintelligent_operations_centerMatch5.1.0.7

ibmintelligent_operations_centerMatch5.1.0.8

ibmintelligent_operations_centerMatch5.1.0.9

ibmintelligent_operations_centerMatch5.1.0.10

ibmintelligent_operations_centerMatch5.1.0.11

ibmintelligent_operations_centerMatch5.1.0.12

ibmintelligent_operations_centerMatch5.1.0.13

ibmintelligent_operations_centerMatch5.1.0.14

ibmintelligent_operations_centerMatch5.2.0

ibmintelligent_operations_centerMatch5.2.1

ibmwater_operations_for_waternamicsMatch5.1

ibmwater_operations_for_waternamicsMatch5.2.0

ibmwater_operations_for_waternamicsMatch5.2.0.1

ibmwater_operations_for_waternamicsMatch5.2.0.2

ibmwater_operations_for_waternamicsMatch5.2.0.3

ibmwater_operations_for_waternamicsMatch5.2.0.4

ibmwater_operations_for_waternamicsMatch5.2.0.5

ibmwater_operations_for_waternamicsMatch5.2.0.6

ibmwater_operations_for_waternamicsMatch5.2.1

ibmwater_operations_for_waternamicsMatch5.2.1.1

VendorProductVersionCPE
ibmintelligent_operations_center_for_emergency_management1.6cpe:2.3:a:ibm:intelligent_operations_center_for_emergency_management:1.6:*:*:*:*:*:*:*
ibmintelligent_operations_center_for_emergency_management5.1.0cpe:2.3:a:ibm:intelligent_operations_center_for_emergency_management:5.1.0:*:*:*:*:*:*:*
ibmintelligent_operations_center_for_emergency_management5.1.0.1cpe:2.3:a:ibm:intelligent_operations_center_for_emergency_management:5.1.0.1:*:*:*:*:*:*:*
ibmintelligent_operations_center_for_emergency_management5.1.0.2cpe:2.3:a:ibm:intelligent_operations_center_for_emergency_management:5.1.0.2:*:*:*:*:*:*:*
ibmintelligent_operations_center_for_emergency_management5.1.0.3cpe:2.3:a:ibm:intelligent_operations_center_for_emergency_management:5.1.0.3:*:*:*:*:*:*:*
ibmintelligent_operations_center_for_emergency_management5.1.0.4cpe:2.3:a:ibm:intelligent_operations_center_for_emergency_management:5.1.0.4:*:*:*:*:*:*:*
ibmintelligent_operations_center_for_emergency_management5.1.0.5cpe:2.3:a:ibm:intelligent_operations_center_for_emergency_management:5.1.0.5:*:*:*:*:*:*:*
ibmintelligent_operations_center_for_emergency_management5.1.0.6cpe:2.3:a:ibm:intelligent_operations_center_for_emergency_management:5.1.0.6:*:*:*:*:*:*:*
ibmintelligent_operations_center1.5.0cpe:2.3:a:ibm:intelligent_operations_center:1.5.0:*:*:*:*:*:*:*
ibmintelligent_operations_center1.5.0.1cpe:2.3:a:ibm:intelligent_operations_center:1.5.0.1:*:*:*:*:*:*:*

Vendor	Product	Version	CPE
ibm	intelligent_operations_center_for_emergency_management	1.6	cpe:2.3:a:ibm:intelligent_operations_center_for_emergency_management:1.6:::::::*
ibm	intelligent_operations_center_for_emergency_management	5.1.0	cpe:2.3:a:ibm:intelligent_operations_center_for_emergency_management:5.1.0:::::::*
ibm	intelligent_operations_center_for_emergency_management	5.1.0.1	cpe:2.3:a:ibm:intelligent_operations_center_for_emergency_management:5.1.0.1:::::::*
ibm	intelligent_operations_center_for_emergency_management	5.1.0.2	cpe:2.3:a:ibm:intelligent_operations_center_for_emergency_management:5.1.0.2:::::::*
ibm	intelligent_operations_center_for_emergency_management	5.1.0.3	cpe:2.3:a:ibm:intelligent_operations_center_for_emergency_management:5.1.0.3:::::::*
ibm	intelligent_operations_center_for_emergency_management	5.1.0.4	cpe:2.3:a:ibm:intelligent_operations_center_for_emergency_management:5.1.0.4:::::::*
ibm	intelligent_operations_center_for_emergency_management	5.1.0.5	cpe:2.3:a:ibm:intelligent_operations_center_for_emergency_management:5.1.0.5:::::::*
ibm	intelligent_operations_center_for_emergency_management	5.1.0.6	cpe:2.3:a:ibm:intelligent_operations_center_for_emergency_management:5.1.0.6:::::::*
ibm	intelligent_operations_center	1.5.0	cpe:2.3:a:ibm:intelligent_operations_center:1.5.0:::::::*
ibm	intelligent_operations_center	1.5.0.1	cpe:2.3:a:ibm:intelligent_operations_center:1.5.0.1:::::::*

Rows per page:

1-10 of 421

CVSS2

4.3

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

PARTIAL

Availability Impact

NONE

AV:N/AC:M/Au:N/C:N/I:P/A:N

CVSS3

5.9

Attack Vector

NETWORK

Attack Complexity

HIGH

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

NONE

Integrity Impact

HIGH

Availability Impact

NONE

CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N

EPSS

0.001

Percentile

24.2%

JSON

Related for EE760516EA5BFB0BA8A605A92BB758CEA5CAD8C03E1D3EF2C0AB0971FA57DD72