Lucene search
HistoryOct 07, 2022 - 5:15 p.m.
CVE-2022-22493
ibm
websphere
automation
cloud pak
watson
aiops
cve-2022-22493
cross-site request forgery
cookie attribute
ibm x-force id
226449
vulnerability
nvd
8.8 High
CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
REQUIRED
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
8.2 High
AI Score
Confidence
High
0.001 Low
EPSS
Percentile
29.6%
IBM WebSphere Automation for Cloud Pak for Watson AIOps 1.4.2 is vulnerable to cross-site request forgery, caused by improper cookie attribute setting. IBM X-Force ID: 226449.
Affected configurations
Node
ibmwebsphere_automation_for_ibm_cloud_pak_for_watson_aiopsMatch1.4.2
| Vendor | Product | Version | CPE |
|---|---|---|---|
| ibm | websphere_automation_for_ibm_cloud_pak_for_watson_aiops | 1.4.2 | cpe:2.3:a:ibm:websphere_automation_for_ibm_cloud_pak_for_watson_aiops:1.4.2:*:*:*:*:*:*:* |
CNA Affected
[
{
"vendor": "IBM",
"product": "WebSphere Automation for Cloud Pak for Watson AIOps",
"versions": [
{
"version": "1.4.2",
"status": "affected"
}
]
}
]Social References
More
Related
nvd
nvd
CVE-2022-22493
2022-10-07 17:15:10
cvelist
cvelist
CVE-2022-22493
2022-10-04 00:00:00
prion
prion
Cross site request forgery (csrf)
2022-10-07 17:15:00
8.8 High
CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
REQUIRED
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
8.2 High
AI Score
Confidence
High
0.001 Low
EPSS
Percentile
29.6%
Related for CVE-2022-22493