CVE-2022-22349

IBM Sterling External Authentication Server 3.4.3.2, 6.0.2.0, and 6.0.3.0 is vulnerable to path traversals, due to not properly validating RESTAPI configuration data. An authorized user could import invalid data which could be used for an attack. IBM X-Force ID: 220144.
References
Configurations

Configuration 1 (hide)

OR cpe:2.3:a:ibm:sterling_external_authentication_server:3.4.3.2:*:*:*:*:*:*:*
cpe:2.3:a:ibm:sterling_external_authentication_server:6.0.2.0:*:*:*:*:*:*:*
cpe:2.3:a:ibm:sterling_external_authentication_server:6.0.3.0:*:*:*:*:*:*:*

History

No history.

Information

Published : 2022-02-24 17:15

Updated : 2024-02-28 19:09


NVD link : CVE-2022-22349

Mitre link : CVE-2022-22349

CVE.ORG link : CVE-2022-22349


JSON object : View

Products Affected

ibm

  • sterling_external_authentication_server
CWE
CWE-22

Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')