VDB
CVE-2022-22473
CVE-2022-22473
PUBLISHED
Es besteht eine Schwachstelle in IBM WebSphere Application Server aufgrund unsachgemäßer Handhabung von Daten der Verwaltungskonsole. Ein Angreifer kann dies ausnutzen, um vertrauliche Informationen zu erhalten, die für weitere Angriffe auf das System genutzt werden können.
EPSS 0.16% · 37.0th percentile
Risk Scores
EPSS Score
0.16%
37.0th percentile
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| HCL | HCL Commerce | |
| IBM | IBM Tivoli Monitoring | |
| IBM | IBM WebSphere Application Server 7.0 | |
| IBM | IBM WebSphere Application Server 8.5 | |
| IBM | IBM WebSphere Application Server 8.0 | |
| IBM | IBM WebSphere Application Server 9.0 |
Timeline
- Jul 13, 2022 CVE Published
- Jul 15, 2022 EPSS Score
- Aug 31, 2022 EPSS Score
- Oct 17, 2022 EPSS Score
- Dec 3, 2022 EPSS Score
- Jan 19, 2023 EPSS Score
- Mar 7, 2023 EPSS Score
- Apr 23, 2023 EPSS Score
- Jun 5, 2023 CVE Updated
- Jun 9, 2023 EPSS Score
- Jul 26, 2023 EPSS Score
- Sep 11, 2023 EPSS Score
References
- https://wid.cert-bund.de/.well-known/csaf/white/2022/wid-sec-w-2022-0680.json advisory
- https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2022-0680 advisory
- https://support.hcltechsw.com/csm?id=kb_article&sysparm_article=KB0104902 advisory
- https://www.ibm.com/support/pages/node/6603421 advisory
- https://www.ibm.com/support/pages/node/6603417 advisory
- https://www.ibm.com/blogs/psirt/security-bulletin-multiple-vulnerabilities-affect-ibm-tivoli-monitoring-included-websphere-application-server-and-ibm-http-server-used-by-websphere-application-server-3/ advisory