Lucene search

K
ibmIBM61576C38D67F4C2AE3402398226DBE2A75A936DBD3C76DE52E71371EE31E9787
HistoryMay 24, 2022 - 9:57 a.m.

Security Bulletin: A security vulnerability has been identified in IBM WebSphere Application Server, which is a required product for IBM Tivoli Netcool Configuration Manager (CVE-2022-22719, CVE-2022-22720, CVE-2022-22721)

2022-05-2409:57:01
www.ibm.com
55
ibm
websphere
application server
tivoli netcool
configuration manager
cve-2022-22719
cve-2022-22720
cve-2022-22721
vulnerability
ibm http server
itncm
6.4.2

CVSS2

7.5

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:P/I:P/A:P

CVSS3

9.8

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

EPSS

0.314

Percentile

97.0%

Summary

IBM WebSphere Application Server is a required product for IBM Tivoli Netcool Configuration Manager (ITNCM) version 6.4.2. Information about a security vulnerability affecting IBM WebSphere Application Server has been published in a security bulletin.

Vulnerability Details

Refer to the security bulletin(s) listed in the Remediation/Fixes section

Affected Products and Versions

Affected Product(s) Version(s)
ITNCM 6.4.2

Remediation/Fixes

Affected Product(s) Version(s) Remediation
ITNCM 6.4.2

Multiple vulnerabilities in IBM HTTP Server used by IBM WebSphere Application Server

See section: For V8.5.0.0 through 8.5.5.21:

Workarounds and Mitigations

None

Affected configurations

Vulners
Node
ibmtivoli_netcool_security_managerMatch6.4.2
VendorProductVersionCPE
ibmtivoli_netcool_security_manager6.4.2cpe:2.3:a:ibm:tivoli_netcool_security_manager:6.4.2:*:*:*:*:*:*:*

CVSS2

7.5

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:P/I:P/A:P

CVSS3

9.8

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

EPSS

0.314

Percentile

97.0%