Lucene search
HistoryApr 26, 2023 - 3:15 a.m.
CVE-2022-36769
ibm cloud pak
data 4.5
data 4.6
privilege escalation
vulnerability
ibm x-force id 232034
CVSS3
7.2
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
HIGH
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H
AI Score
6.8
Confidence
High
EPSS
0.001
Percentile
30.3%
IBM Cloud Pak for Data 4.5 and 4.6 could allow a privileged user to upload malicious files of dangerous types that can be automatically processed within the product’s environment. IBM X-Force ID: 232034.
Affected configurations
Node
redhatopenshiftMatch-
ibmcloud_pak_for_dataMatch4.5
ORibmcloud_pak_for_dataMatch4.6
| Vendor | Product | Version | CPE |
|---|---|---|---|
| redhat | openshift | - | cpe:2.3:a:redhat:openshift:-:*:*:*:*:*:*:* |
| ibm | cloud_pak_for_data | 4.5 | cpe:2.3:a:ibm:cloud_pak_for_data:4.5:*:*:*:*:*:*:* |
| ibm | cloud_pak_for_data | 4.6 | cpe:2.3:a:ibm:cloud_pak_for_data:4.6:*:*:*:*:*:*:* |
Related
prion
prion
Code injection
2023-04-26 03:15:00
cve
cve
CVE-2022-36769
2023-04-26 03:15:08
cnvd
cnvd
IBM Cloud Pak for Data Arbitrary File Upload Vulnerability
2023-05-04 00:00:00
ibm
ibm
cvelist
cvelist
CVE-2022-36769 IBM Cloud Pak for Data file upload
2023-04-26 02:52:02
CVSS3
7.2
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
HIGH
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H
AI Score
6.8
Confidence
High
EPSS
0.001
Percentile
30.3%
Related for NVD:CVE-2022-36769