Lucene search

[email protected]CVE-2022-43889

HistoryOct 17, 2023 - 2:15 a.m.

CVE-2022-43889

2023-10-1702:15:10

CWE-200

[email protected]

web.nvd.nist.gov

ibm

security

verify

privilege

on-premises

11.5

vulnerability

cve-2022-43889

nvd

ibm x-force id

240452

information disclosure

http request

attack

5.3 Medium

CVSS3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

LOW

Integrity Impact

NONE

Availability Impact

NONE

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N

4.8 Medium

AI Score

Confidence

High

0.0004 Low

EPSS

Percentile

13.1%

JSON

IBM Security Verify Privilege On-Premises 11.5 could disclose sensitive information through an HTTP request that could aid an attacker in further attacks against the system. IBM X-Force ID: 240452.

Affected configurations

Vulners

NVD

Node

ibmsecurity_verify_privilege_managerMatch11.5

VendorProductVersionCPE
ibmsecurity_verify_privilege_manager11.5cpe:2.3:a:ibm:security_verify_privilege_manager:11.5:*:*:*:*:*:*:*

Vendor	Product	Version	CPE
ibm	security_verify_privilege_manager	11.5	cpe:2.3:a:ibm:security_verify_privilege_manager:11.5:::::::*

CNA Affected

[
  {
    "defaultStatus": "unaffected",
    "product": "Security Verify Privilege",
    "vendor": "IBM",
    "versions": [
      {
        "status": "affected",
        "version": "11.5"
      }
    ]
  }
]

References

exchange.xforce.ibmcloud.com/vulnerabilities/240452

www.ibm.com/support/pages/node/7047202

5.3 Medium

CVSS3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

LOW

Integrity Impact

NONE

Availability Impact

NONE

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N

4.8 Medium

AI Score

Confidence

High

0.0004 Low

EPSS

Percentile

13.1%

JSON

Related for CVE-2022-43889

nvd1 prion1 cvelist1 ibm1