CVE-2022-22394 — Vulnetix

Try Vulnetix Request Demo

CVE-2022-22394 PUBLISHED CVSS 7.5 HIGH

The IBM Spectrum Protect 8.1.14.000 server could allow a remote attacker to bypass security restrictions, caused by improper enforcement of access controls. By signing in, an attacker could exploit this vulnerability to bypass security and gain unauthorized administrator or node access to the vulnerable server.

EPSS 5.33% · 90.0th percentile

Risk Scores

CVSS v3.0

7.5

CVSS:3.0/C:H/UI:N/I:H/AV:N/PR:L/AC:H/A:H/S:U/E:U/RL:O/RC:C

EPSS Score

5.33%

90.0th percentile

Affected Products

Vendor	Product	Versions
ibm	spectrum_protect	8.1.14.100
IBM	Spectrum Protect Server	8.1.14.000

Timeline

Mar 21, 2022 CVE Published
Mar 22, 2022 EPSS Score
May 11, 2022 EPSS Score
Aug 21, 2022 EPSS Score
Oct 11, 2022 EPSS Score
Nov 30, 2022 EPSS Score
Jan 19, 2023 EPSS Score
Mar 11, 2023 EPSS Score
Apr 30, 2023 EPSS Score
Jun 20, 2023 EPSS Score
Aug 9, 2023 EPSS Score
Nov 18, 2023 EPSS Score

References

Open in Interactive Console →