VDB

CVE-2022-22394

CVE-2022-22394 PUBLISHED CVSS 7.5 HIGH

The IBM Spectrum Protect 8.1.14.000 server could allow a remote attacker to bypass security restrictions, caused by improper enforcement of access controls. By signing in, an attacker could exploit this vulnerability to bypass security and gain unauthorized administrator or node access to the vulnerable server.

EPSS 5.33% · 90.2th percentile

Risk Scores

CVSS 3.0
7.5
CVSS:3.0/C:H/UI:N/I:H/AV:N/PR:L/AC:H/A:H/S:U/E:U/RL:O/RC:C
EPSS Score
5.33%
90.2th percentile

Affected Products

VendorProductVersions
ibmspectrum_protect8.1.14.100
IBMSpectrum Protect Server8.1.14.000

Exploit Intelligence

Timeline

  • Mar 21, 2022 CVE Published
  • Mar 22, 2022 EPSS Score
  • May 12, 2022 EPSS Score
  • Aug 23, 2022 EPSS Score
  • Oct 13, 2022 EPSS Score
  • Dec 3, 2022 EPSS Score
  • Jan 23, 2023 EPSS Score
  • Mar 15, 2023 EPSS Score
  • May 5, 2023 EPSS Score
  • Jun 25, 2023 EPSS Score
  • Aug 15, 2023 EPSS Score
  • Nov 25, 2023 EPSS Score

References

Open in Interactive Console →
$ Console Community · 100/wk Open console ›