VDB
CVE-2022-3172
CVE-2022-3172
PUBLISHED
Es existieren mehrere Schwachstellen in IBM DB2 on Cloud Pak for Data and DB2 Warehouse on Cloud Pak for Data. Diese bestehen in den Komponenten Minimatch, Db2U, Helm, kube-apiserver und Golang Go. Ein entfernter, anonymer oder authentisierter Angreifer kann diese Schwachstellen ausnutzen, um die Vertraulichkeit, Verfügbarkeit und Integrität zu gefährden. Für die Ausnutzung einiger dieser Schwachstellen ist eine Interaktion des Opfers notwendig.
EPSS 3.41% · 87.7th percentile
Risk Scores
EPSS Score
3.41%
87.7th percentile
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Red Hat | Red Hat Enterprise Linux | |
| Red Hat | Red Hat OpenShift Data Foundation 4 | |
| IBM | IBM DB2 Cloud Pak for Data < 4.6 | |
| SUSE | SUSE Linux | |
| Oracle | Oracle Linux | |
| IBM | IBM MQ | |
| Red Hat | Red Hat OpenShift container platform 4.10 | |
| IBM | IBM DB2 | |
| Red Hat | Red Hat OpenShift |
Exploit Intelligence
- UgOrange/CVE-2022-3172 (github-poc-repo)
- UgOrange/CVE-2022-3172 (github-poc-repo)
- UgOrange/CVE-2022-3172 (github-poc-repo)
- UgOrange/CVE-2022-3172 (github-poc-repo)
- UgOrange/CVE-2022-3172 (github-poc-repo)
- UgOrange/CVE-2022-3172 (github-poc-repo)
- UgOrange/CVE-2022-3172 (github-poc-repo)
- UgOrange/CVE-2022-3172 (github-poc)
- UgOrange/CVE-2022-3172 (github-poc)
- UgOrange/CVE-2022-3172 (github-poc)
…and 14 more exploits
Timeline
- CVE Published
- Dec 10, 2022 PoC Published
- Nov 4, 2023 EPSS Score
- Mar 17, 2025 EPSS Score
- Mar 19, 2025 EPSS Score
- Mar 24, 2025 EPSS Score
- Mar 25, 2025 EPSS Score
- Mar 27, 2025 EPSS Score
- Mar 28, 2025 EPSS Score
- Mar 30, 2025 EPSS Score
- May 1, 2025 EPSS Score
- May 4, 2025 EPSS Score
References
- https://wid.cert-bund.de/.well-known/csaf/white/2022/wid-sec-w-2022-1458.json advisory
- https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2022-1458 advisory
- https://www.ibm.com/support/pages/node/7004197 advisory
- https://access.redhat.com/errata/RHSA-2023:3609 advisory
- https://lists.suse.com/pipermail/sle-security-updates/2023-May/014985.html advisory
- https://access.redhat.com/errata/RHSA-2023:1655 advisory
- https://seclists.org/oss-sec/2022/q3/207 advisory
- https://bugzilla.redhat.com/show_bug.cgi?id=2127808 advisory
- https://linux.oracle.com/errata/ELSA-2022-9856.html advisory
- https://linux.oracle.com/errata/ELSA-2022-9853.html advisory
- https://linux.oracle.com/errata/ELSA-2022-9854.html advisory
- https://linux.oracle.com/errata/ELSA-2022-10036.html advisory
- https://linux.oracle.com/errata/ELSA-2022-10033.html advisory
- https://linux.oracle.com/errata/ELSA-2023-12011.html advisory
- https://linux.oracle.com/errata/ELSA-2023-12014.html advisory
- https://linux.oracle.com/errata/ELSA-2023-12013.html advisory
- https://linux.oracle.com/errata/ELSA-2023-12012.html advisory
- https://access.redhat.com/errata/RHSA-2022:7398 advisory
- https://access.redhat.com/errata/RHSA-2022:9096 advisory
- https://wid.cert-bund.de/.well-known/csaf/white/2022/wid-sec-w-2022-2339.json advisory
…and 3 more