CVE-2022-35279

"IBM Business Automation Workflow 18.0.0.0, 18.0.0.1, 18.0.0.2, 19.0.0.1, 19.0.0.2, 19.0.0.3, 20.0.0.1, 20.0.0.2, 21.0.2, 21.0.3, and 22.0.1 could disclose sensitive version information to authenticated users which could be used in further attacks against the system. IBM X-Force ID: 230537."

Published: Nov 3, 2022
Updated: Apr 14, 2023
CVE: CVE-2022-35279
Severity: Low
Exploit:

CVSS v3:

Severity: Low
Score: 4.3
AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N

CWEs:

CWE-312

OWASP TOP 10:

A3 - Sensitive Data Exposure

Affected Software
References

Software	From	Fixed in
ibm / business_automation_workflow	22.0.1-if001	22.0.1-if001.x
ibm / business_automation_workflow	22.0.1	22.0.1.x
ibm / business_automation_workflow	21.0.3-if011	21.0.3-if011.x
ibm / business_automation_workflow	21.0.3-if010	21.0.3-if010.x
ibm / business_automation_workflow	21.0.3-if009	21.0.3-if009.x
ibm / business_automation_workflow	21.0.3-if008	21.0.3-if008.x
ibm / business_automation_workflow	21.0.3-if007	21.0.3-if007.x
ibm / business_automation_workflow	21.0.3-if006	21.0.3-if006.x
ibm / business_automation_workflow	21.0.3-if005	21.0.3-if005.x
ibm / business_automation_workflow	21.0.3-if002	21.0.3-if002.x
ibm / business_automation_workflow	20.0.0.1	20.0.0.1.x
ibm / business_automation_workflow	20.0.0.2	20.0.0.2.x
ibm / business_automation_workflow	21.0.2	21.0.2.x
ibm / business_automation_workflow	18.0.0.0	18.0.0.2.x
ibm / business_automation_workflow	19.0.0.0	19.0.0.3.x
ibm / business_automation_workflow	21.0.1	21.0.1.x
ibm / business_automation_workflow	21.0.3	21.0.3.x

https://www.ibm.com/support/pages/node/6829847

Vulnerability Database

CVE-2022-35279