Lucene search

IbmCVELIST:CVE-2022-43901

HistoryDec 01, 2022 - 6:09 p.m.

CVE-2022-43901 IBM WebSphere Automation for IBM Cloud Pak for Watson AIOps information disclosure

2022-12-0118:09:20

CWE-200

ibm

www.cve.org

ibm cloud pak

watson aiops

information disclosure

vulnerability

ibm x-force id

CVSS3

5.7

Attack Vector

ADJACENT

Attack Complexity

LOW

Privileges Required

LOW

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

NONE

Availability Impact

NONE

CVSS:3.1/AV:A/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N

AI Score

5.5

Confidence

High

EPSS

Percentile

5.1%

JSON

IBM WebSphere Automation for IBM Cloud Pak for Watson AIOps 1.4.3 could disclose sensitive information. An authenticated local attacker could exploit this vulnerability to possibly gain information to other IBM WebSphere Automation for IBM Cloud Pak for Watson AIOps components. IBM X-Force ID: 240829.

CNA Affected

[
  {
    "defaultStatus": "unaffected",
    "product": "WebSphere Automation for Cloud Pak for Watson AIOps",
    "vendor": "IBM",
    "versions": [
      {
        "status": "affected",
        "version": "1.4.3"
      }
    ]
  }
]

References

exchange.xforce.ibmcloud.com/vulnerabilities/240829

www.ibm.com/support/pages/node/6842605

CVSS3

5.7

Attack Vector

ADJACENT

Attack Complexity

LOW

Privileges Required

LOW

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

NONE

Availability Impact

NONE

CVSS:3.1/AV:A/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N

AI Score

5.5

Confidence

High

EPSS

Percentile

5.1%

JSON

Related for CVELIST:CVE-2022-43901