CVE-2022-2047
Multiple vulnerabilities exist in IBM Tivoli Network Manager. The flaws reside in various third-party components such as Google Web Toolkit, Eclipse BIRT, Apache Batik, Apache Derby, Eclipse Equinox, FasterXML jackson-databind, Eclipse Jetty, Netty and JDBC. A remote attacker can exploit these vulnerabilities to bypass security measures, disclose confidential information, cause a denial-of-service condition and cause unspecified effects. Successful exploitation of some of these vulnerabilities requires user interaction or elevated privileges.
EPSS 0.57% · 68.9th percentile
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| IBM | IBM Installation Manager | 1.4-1.10.1.0 |
| Debian | Debian Linux | |
| Dell | Dell ECS | <3.8.1.0 |
| Broadcom | Broadcom Brocade SANnav | <2.3.1a |
| JFrog | JFrog Artifactory | <7.46.3 |
| Red Hat | Red Hat Enterprise Linux | |
| Dell | Dell PowerEdge | |
| IBM | IBM Maximo Asset Management | 7.6.1.3 |
| IBM | IBM Rational Change | 5.3.2.4 |
| IBM | IBM Tivoli Network Manager | <= 4.2.0.15 |
| IBM | IBM QRadar SIEM | 7.4 |
| Red Hat | Red Hat JBoss A-MQ | < 7.10.3 |
| Hitachi | Hitachi Ops Center | |
| IBM | IBM InfoSphere Information Server | 11.7 |
| IBM | IBM Tivoli Network Manager | 4.2.0 |
| IBM | IBM Operational Decision Manager | 8.10.5.1 < IF049 |
| IBM | IBM Spectrum Protect | <10.1.14 |
| IBM | IBM QRadar SIEM | 7.5 |
| Eclipse | Eclipse Jetty | <10.0.11 |
| Eclipse | Eclipse Jetty | <11.0.11 |
…and 3 more
Timeline
- Jul 7, 2022 CVE Published
- Jul 8, 2022 EPSS Score
- Aug 25, 2022 EPSS Score
- Oct 11, 2022 EPSS Score
- Oct 25, 2022 CVE Updated
- Nov 28, 2022 EPSS Score
- Jan 14, 2023 EPSS Score
- Mar 7, 2023 EPSS Score
- Apr 18, 2023 EPSS Score
- Jun 4, 2023 EPSS Score
- Jul 22, 2023 EPSS Score
- Sep 7, 2023 EPSS Score
References
- https://wid.cert-bund.de/.well-known/csaf/white/2022/wid-sec-w-2022-0614.json advisory
- https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2022-0614 advisory
- https://www.eclipse.org/lists/jetty-announce/msg00171.html advisory
- https://lists.debian.org/debian-security-announce/2022/msg00167.html advisory
- https://lists.debian.org/debian-lts-announce/2022/08/msg00011.html advisory
- https://www.jfrog.com/confluence/display/JFROG/Fixed+Security+Vulnerabilities advisory
- https://www.ibm.com/blogs/psirt/security-bulletin-multiple-vulnerabilities-in-rational-change-fix-pack-04-for-5-3-2/ advisory
- https://www.ibm.com/blogs/psirt/security-bulletin-multiple-vulnerabilities-in-eclipse-jetty-affect-ibm-infosphere-information-server/ advisory
- https://www.ibm.com/blogs/psirt/security-bulletin-ibm-qradar-siem-is-vulnerable-to-using-components-with-known-vulnerabilities-14/ advisory
- https://access.redhat.com/errata/RHSA-2022:8652 advisory
- https://www.ibm.com/support/pages/node/6852233 advisory
- https://access.redhat.com/errata/RHSA-2023:0189 advisory
- https://www.ibm.com/support/pages/node/6959601 advisory
- https://www.ibm.com/support/pages/node/6965698 advisory
- https://www.ibm.com/support/pages/node/6965816 advisory
- https://www.hitachi.com/products/it/software/security/info/vuls/hitachi-sec-2023-117/index.html advisory
- https://www.ibm.com/support/pages/node/7014699 advisory
- https://www.ibm.com/support/pages/node/7082766 advisory
- https://www.ibm.com/support/pages/node/7153639 advisory
- https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/25087 advisory
…and 22 more