VDB
CVE-2022-25887
CVE-2022-25887
PUBLISHED
Es existiert eine Schwachstelle in IBM Business Automation Workflow. Diese besteht in der Komponente "Node.js" und ist auf eine fehlerhafte Verwendung von regulären Ausdrücken zurückzuführen. Ein entfernter, anonymer Angreifer kann diese Schwachstelle ausnutzen, um einen Denial of Service Zustand herbeizuführen.
EPSS 0.10% · 26.8th percentile
Risk Scores
EPSS Score
0.10%
26.8th percentile
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| IBM | IBM Business Automation Workflow V21.0.3.1 traditional | |
| HCL | HCL BigFix < 10.0.8 | |
| IBM | IBM Business Automation Workflow V21.0.3 containers | |
| IBM | IBM Business Automation Workflow V21.0.2 traditional | |
| IBM | IBM Business Automation Workflow V20.0.0.2 traditional | |
| IBM | IBM Business Automation Workflow V20.0.0.2 containers | |
| IBM | IBM Business Automation Workflow V21.0.2 containers | |
| IBM | IBM Business Automation Workflow V20.0.0.1 traditional | |
| IBM | IBM License Metric Tool | |
| IBM | IBM Business Automation Workflow V19.0.0.3 traditional | |
| HCL | HCL BigFix | |
| HCL | HCL BigFix < 9.5.21 |
Timeline
- Aug 30, 2022 CVE Published
- Aug 30, 2022 EPSS Score
- Oct 14, 2022 EPSS Score
- Nov 29, 2022 EPSS Score
- Jan 13, 2023 EPSS Score
- Feb 28, 2023 EPSS Score
- Apr 14, 2023 EPSS Score
- May 30, 2023 EPSS Score
- Jul 14, 2023 EPSS Score
- Aug 8, 2023 CVE Updated
- Aug 29, 2023 EPSS Score
- Oct 13, 2023 EPSS Score
References
- https://wid.cert-bund.de/.well-known/csaf/white/2022/wid-sec-w-2022-2368.json advisory
- https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2022-2368 advisory
- https://www.ibm.com/support/pages/node/6853623 advisory
- https://support.hcltechsw.com/csm?id=kb_article&sysparm_article=KB0102049 advisory
- https://support.hcltechsw.com/csm?id=kb_article&sysparm_article=KB0102168 advisory
- https://support.hcltechsw.com/csm?id=kb_article&sysparm_article=KB0102140 advisory
- https://wid.cert-bund.de/.well-known/csaf/white/2023/wid-sec-w-2023-0272.json advisory
- https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2023-0272 advisory
- https://www.ibm.com/support/pages/node/6952745 advisory