VDB
CVE-2022-33987
CVE-2022-33987
PUBLISHED
CVSS 6.900000095367432 MEDIUM
In IBM Spectrum Protect existieren mehrere Schwachstellen. Diese sind auf Fehler in verschiedenen Komponenten sowie im Umgang mit Zertifikaten zurückzuführen. Ein entfernter, anonymer Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode (teils mit Administratorrechten) auszuführen, Informationen offenzulegen, Dateien zu manipulieren, einen Cross-Site-Scripting-Angriff durchzuführen, einen Denial of Service Zustand herbeizuführen oder Sicherheitsvorkehrungen zu umgehen.
EPSS 0.78% · 74.1th percentile
Risk Scores
CVSS 4.0
6.900000095367432
CVSS:4.0/AV:N/AC:L/AT:N/PR:H/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
EPSS Score
0.78%
74.1th percentile
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Splunk | Splunk Splunk Enterprise | |
| HCL | HCL BigFix | |
| Splunk | Splunk Splunk Enterprise <8.2.11 | |
| SUSE | SUSE Linux | |
| Dell | Dell Data Protection Advisor <19.12 | |
| Atlassian | Atlassian Confluence <9.2.7 | |
| Atlassian | Atlassian Confluence <8.5.25 | |
| Atlassian | Atlassian Confluence <10.1.1 | |
| HCL | HCL BigFix < 10.0.8 | |
| Oracle | Oracle Linux | |
| Splunk | Splunk Splunk Enterprise <9.1.1 | |
| Splunk | Splunk Splunk Enterprise <9.2.1 | |
| HCL | HCL BigFix < 9.5.21 | |
| Splunk | Splunk Splunk Enterprise <8.1.14 | |
| IBM | IBM License Metric Tool | |
| IBM | IBM DB2 <v11.5.7.0-cn6 | |
| IBM | IBM Spectrum Protect plus 10.1 | |
| Splunk | Splunk Splunk Enterprise <9.0.5 | |
| IBM | IBM DB2 | |
| IBM | IBM DB2 <Cloud Pak for Data v4.5 Refresh 1 |
…and 7 more
Exploit Intelligence
- summary.html (github-poc)
- summary.html (github-poc)
- summary.html (github-poc)
- summary.html (github-poc)
- summary.html (github-poc)
- summary.html (github-poc)
- summary.html (github-poc)
- summary.html (github-poc)
- summary.html (github-poc)
Timeline
- Jun 18, 2022 CVE Published
- Jun 19, 2022 EPSS Score
- Jun 28, 2022 CVE Updated
- Aug 7, 2022 EPSS Score
- Sep 24, 2022 EPSS Score
- Dec 29, 2022 EPSS Score
- Feb 15, 2023 EPSS Score
- Mar 7, 2023 EPSS Score
- Apr 4, 2023 EPSS Score
- May 22, 2023 EPSS Score
- Jul 8, 2023 EPSS Score
- Oct 12, 2023 EPSS Score
References
- https://wid.cert-bund.de/.well-known/csaf/white/2022/wid-sec-w-2022-1461.json advisory
- https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2022-1461 advisory
- https://www.ibm.com/support/pages/node/7005589 advisory
- https://www.ibm.com/support/pages/node/6620211 advisory
- https://www.ibm.com/support/pages/node/6619915 advisory
- https://www.ibm.com/support/pages/node/6621141 advisory
- https://www.ibm.com/support/pages/node/6619963 advisory
- https://www.ibm.com/support/pages/node/6621115 advisory
- https://www.ibm.com/support/pages/node/6619919 advisory
- https://www.ibm.com/support/pages/node/6619947 advisory
- https://www.ibm.com/support/pages/node/6619975 advisory
- https://www.ibm.com/support/pages/node/6620209 advisory
- https://wid.cert-bund.de/.well-known/csaf/white/2022/wid-sec-w-2022-2216.json advisory
- https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2022-2216 advisory
- https://docs.camunda.org/security/notices/ advisory
- https://wid.cert-bund.de/.well-known/csaf/white/2022/wid-sec-w-2022-0909.json advisory
- https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2022-0909 advisory
- https://www.ibm.com/support/pages/node/6610082 advisory
- https://access.redhat.com/errata/RHSA-2022:6389 advisory
- https://www.ibm.com/support/pages/node/7229443 advisory
…and 29 more