CVE-2022-22394

The IBM Spectrum Protect 8.1.14.000 server could allow a remote attacker to bypass security restrictions, caused by improper enforcement of access controls. By signing in, an attacker could exploit this vulnerability to bypass security and gain unauthorized administrator or node access to the vulnerable server.

Published: Mar 21, 2022
Updated: Apr 14, 2023
CVE: CVE-2022-22394
Severity: High
Exploit:

CVSS v3:

Severity: High
Score: 8.8
AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

CVSS v2:

Severity: High
Score: 9
AV:N/AC:L/Au:S/C:C/I:C/A:C

CWEs:

CWE-269

Affected Software
References

Software	From	Fixed in
ibm / spectrum_protect	8.1.14.100	8.1.14.100.x

https://exchange.xforce.ibmcloud.com/vulnerabilities/222147
https://www.ibm.com/support/pages/node/6564745

Vulnerability Database

CVE-2022-22394