VDB
CVE-2022-29361
CVE-2022-29361
PUBLISHED
CVSS 6.900000095367432 MEDIUM
In IBM Spectrum Protect existieren mehrere Schwachstellen. Diese sind auf Fehler in verschiedenen Komponenten sowie im Umgang mit Zertifikaten zurückzuführen. Ein entfernter, anonymer Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode (teils mit Administratorrechten) auszuführen, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuführen, einen Denial of Service Zustand herbeizuführen oder Sicherheitsvorkehrungen zu umgehen.
EPSS 31.11% · 96.9th percentile
Risk Scores
CVSS 4.0
6.900000095367432
CVSS:4.0/AV:N/AC:L/AT:N/PR:H/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
EPSS Score
31.11%
96.9th percentile
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Dell | Dell PowerProtect Data Domain Management Center | |
| SUSE | SUSE Linux | |
| Dell | Dell PowerProtect Data Domain | |
| IBM | IBM Spectrum Protect plus 10.1 | |
| Dell | Dell PowerProtect Data Domain <7.7.5.50 | |
| Dell | Dell PowerProtect Data Domain <7.10.1.40 | |
| Red Hat | Red Hat Enterprise Linux | |
| Ubuntu | Ubuntu Linux | |
| Dell | Dell PowerProtect Data Domain <7.13.1.10 | |
| Dell | Dell PowerProtect Data Domain OS | |
| Dell | Dell PowerProtect Data Domain <8.1.0.0 |
Timeline
- May 24, 2022 CVE Published
- May 25, 2022 EPSS Score
- Sep 1, 2022 EPSS Score
- Oct 19, 2022 EPSS Score
- Jan 25, 2023 EPSS Score
- Mar 15, 2023 EPSS Score
- Jun 20, 2023 EPSS Score
- Aug 8, 2023 EPSS Score
- Nov 14, 2023 EPSS Score
- Feb 19, 2024 EPSS Score
- May 27, 2024 EPSS Score
- Jul 15, 2024 EPSS Score
References
- https://wid.cert-bund.de/.well-known/csaf/white/2022/wid-sec-w-2022-1461.json advisory
- https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2022-1461 advisory
- https://www.ibm.com/support/pages/node/7005589 advisory
- https://www.ibm.com/support/pages/node/6620211 advisory
- https://www.ibm.com/support/pages/node/6619915 advisory
- https://www.ibm.com/support/pages/node/6621141 advisory
- https://www.ibm.com/support/pages/node/6619963 advisory
- https://www.ibm.com/support/pages/node/6621115 advisory
- https://www.ibm.com/support/pages/node/6619919 advisory
- https://www.ibm.com/support/pages/node/6619947 advisory
- https://www.ibm.com/support/pages/node/6619975 advisory
- https://www.ibm.com/support/pages/node/6620209 advisory
- https://wid.cert-bund.de/.well-known/csaf/white/2022/wid-sec-w-2022-0456.json advisory
- https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2022-0456 advisory
- https://access.redhat.com/errata/RHSA-2022:8861 advisory
- https://access.redhat.com/errata/RHSA-2022:8852 advisory
- https://lists.suse.com/pipermail/sle-security-updates/2022-November/012870.html advisory
- https://checkmk.com/de/werk/13904 advisory
- https://ubuntu.com/security/notices/USN-5526-1 advisory
- https://ubuntu.com/security/notices/USN-5526-2 advisory
…and 5 more