CVE-2022-3676 — Vulnetix

CVE-2022-3676 PUBLISHED CVSS 8.699999809265137 HIGH

In IBM QRadar SIEM existieren mehrere Schwachstellen. Diese bestehen in verschiedenen Software-Komponenten von QRadar. Ein entfernter, anonymer Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Programmcode auszuführen, Informationen offenzulegen, Informationen falsch darzustellen, einen Denial of Service Zustand herbeizuführen, Sicherheitsvorkehrungen zu umgehen, einen Cross-Site-Scripting-Angriff durchzuführen oder unbekannte Auswirkungen zu verursachen.

EPSS 0.34% · 57.1th percentile

Risk Scores

CVSS 4.0

8.699999809265137

CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N

EPSS Score

0.34%

57.1th percentile

Affected Products

Vendor	Product	Versions
IBM	IBM SPSS
IBM	IBM Tivoli Monitoring < 6.3.0.7 sp5
IBM	IBM Security Identity Manager
IBM	IBM Tivoli Netcool/OMNIbus < 8.1.0.31
IBM	IBM Rational Application Developer for WebSphere Software 9.7
Fedora	Fedora Linux
IBM	IBM WebSphere Application Server
IBM	IBM AIX 7.2
IBM	IBM TXSeries for Multiplatforms 9.1
IBM	IBM Content Manager Enterprise Edition 8.6
IBM	IBM VIOS 3.1
IBM	IBM TXSeries for Multiplatforms 8.2
IBM	IBM Rational Business Developer
SUSE	SUSE Linux
IBM	IBM Tivoli Business Service Manager 6.2.0
IBM	IBM Tivoli Monitoring 6.3.0
IBM	IBM Rational Application Developer for WebSphere Software 9.6
IBM	IBM AIX 7.1
IBM	IBM AIX 7.3
IBM	IBM Power Hardware Management Console

…and 2 more

Timeline

Oct 24, 2022 CVE Published
Oct 25, 2022 EPSS Score
Dec 8, 2022 EPSS Score
Jan 20, 2023 EPSS Score
Mar 5, 2023 EPSS Score
Mar 7, 2023 EPSS Score
Apr 17, 2023 EPSS Score
May 31, 2023 EPSS Score
Jul 13, 2023 EPSS Score
Aug 26, 2023 EPSS Score
Oct 8, 2023 EPSS Score
Nov 21, 2023 EPSS Score

References

https://wid.cert-bund.de/.well-known/csaf/white/2022/wid-sec-w-2022-2102.json advisory
https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2022-2102 advisory
https://www.ibm.com/support/pages/node/7058359 advisory
https://www.ibm.com/support/pages/node/7008901 advisory
https://www.ibm.com/support/pages/node/6987029 advisory
https://www.ibm.com/support/pages/node/6967237 advisory
https://www.ibm.com/support/pages/node/6962791 advisory
https://www.ibm.com/support/pages/node/6839777 advisory
https://www.ibm.com/support/pages/node/6845546 advisory
https://lists.suse.com/pipermail/sle-security-updates/2022-December/013295.html advisory
https://lists.suse.com/pipermail/sle-security-updates/2022-December/013304.html advisory
https://aix.software.ibm.com/aix/efixes/security/java_dec2022_advisory.asc advisory
https://www.ibm.com/support/pages/node/6854647 advisory
https://www.ibm.com/support/pages/node/6912697 advisory
https://www.ibm.com/support/pages/node/6953879 advisory
https://www.ibm.com/support/pages/node/6954681 advisory
https://www.ibm.com/support/pages/node/6954673 advisory
https://www.ibm.com/support/pages/node/6954701 advisory
https://lists.suse.com/pipermail/sle-security-updates/2023-February/013731.html advisory
https://www.ibm.com/support/pages/node/6954675 advisory

…and 7 more

Open in Interactive Console →