CVE-2022-43901

2022-12-0119:15:10

CWE-200

CWE-668

[email protected]

web.nvd.nist.gov

ibm

websphere automation

cloud pak

watson aiops

vulnerability

sensitive information

x-force id

CVSS3

5.5

Attack Vector

LOCAL

Attack Complexity

LOW

Privileges Required

LOW

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

NONE

Availability Impact

NONE

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N

EPSS

Percentile

5.1%

JSON

IBM WebSphere Automation for IBM Cloud Pak for Watson AIOps 1.4.3 could disclose sensitive information. An authenticated local attacker could exploit this vulnerability to possibly gain information to other IBM WebSphere Automation for IBM Cloud Pak for Watson AIOps components. IBM X-Force ID: 240829.

Affected configurations

Nvd

Node

ibmwebsphere_automation_for_ibm_cloud_pak_for_watson_aiopsRange<1.4.3

VendorProductVersionCPE
ibmwebsphere_automation_for_ibm_cloud_pak_for_watson_aiops*cpe:2.3:a:ibm:websphere_automation_for_ibm_cloud_pak_for_watson_aiops:*:*:*:*:*:*:*:*