VDB
CVE-2022-40154
CVE-2022-40154
PUBLISHED
CVSS 8.699999809265137 HIGH
In IBM InfoSphere Information Server existieren mehrere Schwachstellen. In der XStream Komponente kommt es der Verarbeitung von speziell gestalteten XML-Daten zu Stack-basierten Pufferüberläufen. Ein entfernter, anonymer Angreifer kann diese Schwachstellen ausnutzen, um Daten zu manipulieren oder einen Denial-of-Service auszulösen.
EPSS 0.88% · 27.0th percentile
Risk Scores
CVSS v4.0
8.699999809265137
CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
EPSS Score
0.88%
27.0th percentile
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| IBM | IBM SPSS Collaboration and Deployment Services | |
| Dell | Dell NetWorker | |
| Red Hat | Red Hat Enterprise Linux | |
| Red Hat | Red Hat Enterprise Linux Integration Camel Extensions for Quarkus | |
| IBM | IBM QRadar SIEM 7.5 | |
| Fedora | Fedora Linux | |
| IBM | IBM InfoSphere Information Server 11.7 |
Timeline
- Sep 17, 2022 EPSS Score
- Sep 19, 2022 EPSS Score
- Sep 22, 2022 EPSS Score
- Sep 24, 2022 EPSS Score
- Sep 27, 2022 EPSS Score
- Sep 29, 2022 EPSS Score
- Oct 1, 2022 EPSS Score
- Oct 4, 2022 EPSS Score
- Oct 6, 2022 EPSS Score
- Oct 8, 2022 EPSS Score
- Oct 11, 2022 EPSS Score
- Oct 13, 2022 EPSS Score
References
- https://wid.cert-bund.de/.well-known/csaf/white/2023/wid-sec-w-2023-0209.json advisory
- https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2023-0209 advisory
- https://access.redhat.com/errata/RHSA-2023:0469 advisory
- https://access.redhat.com/errata/RHSA-2023:0544 advisory
- https://access.redhat.com/errata/RHSA-2023:3815 advisory
- https://www.dell.com/support/kbdoc/000220649/dsa-2023-= advisory
- https://www.dell.com/support/kbdoc/000220669/dsa-2023-= advisory
- https://access.redhat.com/errata/RHSA-2025:4226 advisory
- https://www.ibm.com/support/pages/node/7245569 advisory
- https://wid.cert-bund.de/.well-known/csaf/white/2023/wid-sec-w-2023-0809.json advisory
- https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2023-0809 advisory
- https://www.ibm.com/support/pages/node/6967283 advisory
- https://www.ibm.com/support/pages/node/6967333 advisory
- https://www.ibm.com/support/pages/node/6980799 advisory
- https://www.ibm.com/support/pages/node/7108657 advisory
- https://bodhi.fedoraproject.org/updates/FEDORA-2024-5ecc250449 advisory
- https://wid.cert-bund.de/.well-known/csaf/white/2023/wid-sec-w-2023-1112.json advisory
- https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2023-1112 advisory
- https://www.ibm.com/support/pages/node/6987359 advisory
- https://wid.cert-bund.de/.well-known/csaf/white/2023/wid-sec-w-2023-1293.json advisory
…and 2 more