Lucene search

IBMEE760516EA5BFB0BA8A605A92BB758CEA5CAD8C03E1D3EF2C0AB0971FA57DD72

HistoryJul 21, 2022 - 10:52 a.m.

Security Bulletin: A security vulnerability has been identified in WebSphere® Application Server shipped with IBM® Intelligent Operations Center (CVE-2022-22365)

2022-07-2110:52:54

www.ibm.com

5.9 Medium

CVSS3

Attack Vector

NETWORK

Attack Complexity

HIGH

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

NONE

Integrity Impact

HIGH

Availability Impact

NONE

CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N

4.3 Medium

CVSS2

Access Vector

NETWORK

Access Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

PARTIAL

Availability Impact

NONE

AV:N/AC:M/Au:N/C:N/I:P/A:N

0.001 Low

EPSS

Percentile

23.4%

JSON

Summary

IBM WebSphere® Application Server is shipped with IBM® Intelligent Operations Center. Information about a security vulnerability affecting IBM WebSphere® Application Server has been published in a security bulletin.

Vulnerability Details

Refer to the security bulletin(s) listed in the Remediation/Fixes section

Affected Products and Versions

Affected Product(s)	Version(s)
IBM® Intelligent Operations Center V1.5.0, V1.5.0.1, V1.5.0.2, V1.6.0, V1.6.0.1, V1.6.0.2, V1.6.0.3, V5.1.0, V5.1.0.1, V5.1.0.2, V5.1.0.3, V5.1.0.4, V5.1.0.5, V5.1.0.6, V5.1.0.7, V5.1.0.8, V5.1.0.9, V5.1.0.10, V5.1.0.11, V5.1.0.12, V5.1.0.13, V5.1.0.14, V5.2.0, V5.2.1 and V5.2.2	IBM WebSphere® Application Server V7.0, V8.0, V8.5, V9.0, and Liberty

Remediation/Fixes

Download the correct version of the fix from the following link: Security Bulletin: IBM WebSphere Application Server is vulnerable to Spoofing (CVE-2022-22365) . Installation instructions for the fix are included in the readme document that is in the fix package.

Workarounds and Mitigations

None

CPENameOperatorVersion
ibm intelligent operations center for emergency managementeq1.6
ibm intelligent operations center for emergency managementeq5.1.0
ibm intelligent operations center for emergency managementeq5.1.0.1
ibm intelligent operations center for emergency managementeq5.1.0.2
ibm intelligent operations center for emergency managementeq5.1.0.3
ibm intelligent operations center for emergency managementeq5.1.0.4
ibm intelligent operations center for emergency managementeq5.1.0.5
ibm intelligent operations center for emergency managementeq5.1.0.6
ibm intelligent operations centereq1.5.0
ibm intelligent operations centereq1.5.0.1

Name	Operator	Version
ibm intelligent operations center for emergency management	eq	1.6
ibm intelligent operations center for emergency management	eq	5.1.0
ibm intelligent operations center for emergency management	eq	5.1.0.1
ibm intelligent operations center for emergency management	eq	5.1.0.2
ibm intelligent operations center for emergency management	eq	5.1.0.3
ibm intelligent operations center for emergency management	eq	5.1.0.4
ibm intelligent operations center for emergency management	eq	5.1.0.5
ibm intelligent operations center for emergency management	eq	5.1.0.6
ibm intelligent operations center	eq	1.5.0
ibm intelligent operations center	eq	1.5.0.1

Rows per page:

1-10 of 421

5.9 Medium

CVSS3

Attack Vector

NETWORK

Attack Complexity

HIGH

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

NONE

Integrity Impact

HIGH

Availability Impact

NONE

CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N

4.3 Medium

CVSS2

Access Vector

NETWORK

Access Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

PARTIAL

Availability Impact

NONE

AV:N/AC:M/Au:N/C:N/I:P/A:N

0.001 Low

EPSS

Percentile

23.4%

JSON

Related for EE760516EA5BFB0BA8A605A92BB758CEA5CAD8C03E1D3EF2C0AB0971FA57DD72