Lucene search
IBM414EFDE1B472FF6B0B7C511B843DE1AEE27D4904F9CFC8327A1EB09A34CED805HistoryApr 27, 2022 - 11:10 p.m.
Security Bulletin: IBM InfoSphere Information Server is vulnerable to privilege escalation (CVE-2022-22441)
2022-04-2723:10:43
www.ibm.com
75
ibm
infosphere
information server
privilege escalation
vulnerability
11.7.1.0
11.7.1.3
11.7.1.3 service pack 4
jr64765
cve-2022-22441
EPSS
0.001
Percentile
23.7%
Summary
A privilege escalation vulnerability in InfoSphere Information Server was addressed.
Vulnerability Details
CVEID:CVE-2022-22441
**DESCRIPTION:**IBM InfoSphere Information Server could allow an authenticated user to view information of higher privileged users and groups due to a privilege escalation vulnerability.
CVSS Base score: 6.5
CVSS Temporal Score: See: https://exchange.xforce.ibmcloud.com/vulnerabilities/224426 for the current score.
CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N)
Affected Products and Versions
| Affected Product(s) | Version(s) |
|---|---|
| InfoSphere Information Server, Information Server on Cloud | 11.7 |
Remediation/Fixes
| Product | VRMF | APAR | Remediation |
|---|---|---|---|
| InfoSphere Information Server, InfoSphere Information Server on Cloud | 11.7 | JR64765 | --Apply IBM InfoSphere Information Server version 11.7.1.0 |
| --Apply IBM InfoSphere Information Server version 11.7.1.3 | |||
| --Apply Information Server 11.7.1.3 Service pack 4 |
Workarounds and Mitigations
None
Affected configurations
Node
ibminfosphere_information_serverMatch11.7
| Vendor | Product | Version | CPE |
|---|---|---|---|
| ibm | infosphere_information_server | 11.7 | cpe:2.3:a:ibm:infosphere_information_server:11.7:*:*:*:*:*:*:* |
Related
cve
cve
CVE-2022-22441
2022-04-28 16:15:08
nvd
nvd
CVE-2022-22441
2022-04-28 16:15:08
prion
prion
Privilege escalation
2022-04-28 16:15:00
cvelist
cvelist
CVE-2022-22441
2022-04-28 16:10:31
EPSS
0.001
Percentile
23.7%
Related for 414EFDE1B472FF6B0B7C511B843DE1AEE27D4904F9CFC8327A1EB09A34CED805