VDB
CVE-2022-38749
CVE-2022-38749
PUBLISHED
CVSS 8.699999809265137 HIGH
Es bestehen mehrere Schwachstellen in Dell Data Protection Advisor. Diese Fehler bestehen in den Komponenten von Drittanbietern wie Apache Tomcat, Java SE oder Spring Framework und anderen aufgrund mehrerer sicherheitsrelevanter Probleme. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuführen, einen Denial-of-Service-Zustand herbeizuführen, Dateien zu manipulieren, vertrauliche Informationen offenzulegen, seine Rechte zu erweitern oder einen nicht spezifizierten Angriff durchzuführen.
EPSS 0.53% · 67.8th percentile
Risk Scores
CVSS 4.0
8.699999809265137
CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
EPSS Score
0.53%
67.8th percentile
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| IBM | IBM DB2 11.5 | |
| Red Hat | Red Hat OpenShift Application Runtimes | |
| IBM | IBM TXSeries 8.1 | |
| Red Hat | Red Hat JBoss A-MQ Clients 3 | |
| Debian | Debian Linux | |
| IBM | IBM InfoSphere Information Server 11.7 | |
| Red Hat | Red Hat Enterprise Linux | |
| Red Hat | Red Hat Enterprise Linux 8 | |
| IBM | IBM TXSeries 8.2 | |
| Red Hat | Red Hat Satellite <6.13 | |
| SUSE | SUSE openSUSE | |
| Red Hat | Red Hat OpenShift Container Platform <4.10.62 | |
| Red Hat | Red Hat Integration Camel Extensions for Quarkus 1 | |
| Fedora | Fedora Linux | |
| IBM | IBM DB2 11.1 | |
| Red Hat | Red Hat Enterprise Linux Apache Camel 1 | |
| Dell | Dell Secure Connect Gateway <5.34.00.16 | |
| IBM | IBM MQ CD 9.3 | |
| IBM | IBM MQ LTS 9.3 | |
| IBM | IBM MQ LTS 9.2 |
…and 20 more
Exploit Intelligence
- suppressions.xml (github-poc)
- suppressions.xml (github-poc)
- suppressions.xml (github-poc)
- suppressions.xml (github-poc)
- suppressions.xml (github-poc)
- suppressions.xml (github-poc)
- suppressions.xml (github-poc)
Timeline
- Sep 5, 2022 CVE Published
- Sep 6, 2022 EPSS Score
- Oct 21, 2022 EPSS Score
- Dec 5, 2022 EPSS Score
- Jan 20, 2023 EPSS Score
- Mar 6, 2023 EPSS Score
- Apr 20, 2023 EPSS Score
- Jun 4, 2023 EPSS Score
- Jul 20, 2023 EPSS Score
- Sep 3, 2023 EPSS Score
- Oct 18, 2023 EPSS Score
- Dec 2, 2023 EPSS Score
References
- https://wid.cert-bund.de/.well-known/csaf/white/2022/wid-sec-w-2022-1635.json advisory
- https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2022-1635 advisory
- https://access.redhat.com/errata/RHSA-2022:6757 advisory
- https://access.redhat.com/errata/RHSA-2022:6820 advisory
- https://access.redhat.com/errata/RHSA-2022:6835 advisory
- http://linux.oracle.com/errata/ELSA-2022-6820.html advisory
- https://www.ibm.com/blogs/psirt/security-bulletin-ibm-websphere-application-server-liberty-is-vulnerable-to-denial-of-service-due-to-graphql-java-cve-2022-37734/ advisory
- https://access.redhat.com/errata/RHSA-2022:8524 advisory
- https://access.redhat.com/errata/RHSA-2022:8652 advisory
- https://access.redhat.com/errata/RHSA-2022:8876 advisory
- https://access.redhat.com/errata/RHSA-2022:9023 advisory
- https://access.redhat.com/errata/RHSA-2023:0189 advisory
- https://www.ibm.com/support/pages/node/6856687 advisory
- https://access.redhat.com/errata/RHSA-2023:0560 advisory
- https://access.redhat.com/errata/RHSA-2023:1049 advisory
- https://access.redhat.com/errata/RHSA-2023:1043 advisory
- https://access.redhat.com/errata/RHSA-2023:1045 advisory
- https://access.redhat.com/errata/RHSA-2023:1047 advisory
- https://access.redhat.com/errata/RHSA-2023:1044 advisory
- https://access.redhat.com/errata/RHSA-2023:1513 advisory
…and 82 more