Lucene search

IbmCVELIST:CVE-2022-22411

HistoryAug 04, 2022 - 12:00 a.m.

CVE-2022-22411

2022-08-0400:00:00

ibm

www.cve.org

6.3 Medium

CVSS3

Attack Vector

NETWORK

Attack Complexity

HIGH

Privileges Required

LOW

User Interaction

NONE

Scope

CHANGED

Confidentiality Impact

NONE

Integrity Impact

HIGH

Availability Impact

NONE

CVSS:3.0/AV:N/AC:H/PR:L/UI:N/S:C/C:N/I:H/A:N/E:U/RL:O/RC:C

6.3 Medium

AI Score

Confidence

High

0.001 Low

EPSS

Percentile

19.9%

JSON

IBM Spectrum Scale Data Access Services (DAS) 5.1.3.1 could allow an authenticated user to insert code which could allow the attacker to manipulate cluster resources due to excessive permissions. IBM X-Force ID: 223016.

CNA Affected

[
  {
    "product": "Spectrum Scale DAS",
    "vendor": "IBM",
    "versions": [
      {
        "status": "affected",
        "version": "5.1.3.1"
      }
    ]
  }
]

References

exchange.xforce.ibmcloud.com/vulnerabilities/223016

www.ibm.com/support/pages/node/6610277

6.3 Medium

CVSS3

Attack Vector

NETWORK

Attack Complexity

HIGH

Privileges Required

LOW

User Interaction

NONE

Scope

CHANGED

Confidentiality Impact

NONE

Integrity Impact

HIGH

Availability Impact

NONE

CVSS:3.0/AV:N/AC:H/PR:L/UI:N/S:C/C:N/I:H/A:N/E:U/RL:O/RC:C

6.3 Medium

AI Score

Confidence

High

0.001 Low

EPSS

Percentile

19.9%

JSON

Related for CVELIST:CVE-2022-22411