IBM Navigator for i 7.2, 7.3, and 7.4 (heritage version) could allow a remote attacker to obtain access to the web interface without valid credentials. By modifying the sign on request, an attacker can gain visibility to the fully qualified domain name of the target system and the navigator tasks page, however they do not gain the ability to perform those tasks on the system or see any specific system data. IBM X-Force ID: 225899.
References
Link | Resource |
---|---|
https://exchange.xforce.ibmcloud.com/vulnerabilities/225899 | VDB Entry Vendor Advisory |
https://www.ibm.com/support/pages/node/6583553 | Patch Vendor Advisory |
https://exchange.xforce.ibmcloud.com/vulnerabilities/225899 | VDB Entry Vendor Advisory |
https://www.ibm.com/support/pages/node/6583553 | Patch Vendor Advisory |
Configurations
Configuration 1 (hide)
|
History
21 Nov 2024, 06:46
Type | Values Removed | Values Added |
---|---|---|
References | () https://exchange.xforce.ibmcloud.com/vulnerabilities/225899 - VDB Entry, Vendor Advisory | |
References | () https://www.ibm.com/support/pages/node/6583553 - Patch, Vendor Advisory |
08 Aug 2023, 14:22
Type | Values Removed | Values Added |
---|---|---|
CWE | NVD-CWE-noinfo |
Information
Published : 2022-05-09 17:15
Updated : 2024-11-21 06:46
NVD link : CVE-2022-22481
Mitre link : CVE-2022-22481
CVE.ORG link : CVE-2022-22481
JSON object : View
Products Affected
ibm
- i
CWE