CVE-2022-31773

🗓️ 26 Aug 2022 17:25:12Reported by ibmType

IBM DataPower Gateway V10CD, 10.0.1, and 2018.4.1 cross-site request forgery vulnerabilit

Reporter	Title	Published	Views	Family All 11
IBM Security Bulletins	Security Bulletin: IBM MQ Appliance is vulnerable to cross-site request forgery (CVE-2022-31773)	6 Jan 202309:35	–	ibm
IBM Security Bulletins	Security Bulletin: IBM DataPower Gateway vulnerable to CSRF attack	18 Nov 202215:24	–	ibm
ATTACKERKB	CVE-2022-31773	25 Aug 202200:00	–	attackerkb
Circl	CVE-2022-31773	26 Aug 202222:30	–	circl
CNNVD	IBM DataPower Gateway 跨站请求伪造漏洞	26 Aug 202200:00	–	cnnvd
CNVD	IBM DataPower Gateway Cross-Site Request Forgery Vulnerability	31 Aug 202200:00	–	cnvd
CVE	CVE-2022-31773	26 Aug 202217:25	–	cve
EUVD	EUVD-2022-53167	3 Oct 202520:07	–	euvd
NVD	CVE-2022-31773	26 Aug 202218:15	–	nvd
OSV	CVE-2022-31773	26 Aug 202218:15	–	osv

[
  {
    "product": "DataPower Gateway",
    "vendor": "IBM",
    "versions": [
      {
        "status": "affected",
        "version": "2018.4.1.0"
      },
      {
        "status": "affected",
        "version": "10.0.1.0"
      },
      {
        "status": "affected",
        "version": "10.0.2.0"
      },
      {
        "status": "affected",
        "version": "10.0.4.0"
      },
      {
        "status": "affected",
        "version": "2018.4.1.21"
      },
      {
        "status": "affected",
        "version": "10.0.1.8"
      }
    ]
  }
]

Source	Link
ibm	www.ibm.com/support/pages/node/6615307
exchange	www.exchange.xforce.ibmcloud.com/vulnerabilities/228357

26 Aug 2022 17:25Current

8.4High risk

Vulners AI Score8.4

CVSS 38.8

EPSS0.00346