Lucene search

IbmVULNRICHMENT:CVE-2022-22380

HistoryOct 17, 2023 - 1:25 a.m.

CVE-2022-22380 IBM Security Verify Privilege improper authentication

2023-10-1701:25:30

CWE-295

ibm

github.com

ibm

security verify

privilege

on-premises

11.5

authentication

flaw

x-force

221957

CVSS3

Attack Vector

NETWORK

Attack Complexity

HIGH

Privileges Required

NONE

User Interaction

REQUIRED

Scope

UNCHANGED

Confidentiality Impact

LOW

Integrity Impact

LOW

Availability Impact

LOW

CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:L/I:L/A:L

AI Score

6.3

Confidence

Low

SSVC

Exploitation

none

Automatable

Technical Impact

partial

JSON

IBM Security Verify Privilege On-Premises 11.5 could allow an attacker to spoof a trusted entity due to improperly validating certificates. IBM X-Force ID: 221957.

References

exchange.xforce.ibmcloud.com/vulnerabilities/221957

www.ibm.com/support/pages/node/7047202