CVE-2022-43917

IBM WebSphere Application Server 8.5 and 9.0 traditional container uses weaker than expected cryptographic keys that could allow an attacker to decrypt sensitive information. This affects only the containerized version of WebSphere Application Server traditional. IBM X-Force ID: 241045.

Published: Jan 26, 2023
Updated: Nov 8, 2023
CVE: CVE-2022-43917
Severity: High
Exploit:

CVSS v3:

Severity: High
Score: 7.5
AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N

CWEs:

CWE-327

OWASP TOP 10:

A3 - Sensitive Data Exposure

Affected Software
References

Software	From	Fixed in
ibm / websphere_application_server	8.5	8.5.x
ibm / websphere_application_server	9.0	9.0.x

https://exchange.xforce.ibmcloud.com/vulnerabilities/241045
https://www.ibm.com/support/pages/node/6857007

Vulnerability Database

289,599

CVE-2022-43917