CVE-2022-22484

IBM Spectrum Protect Operations Center 8.1.12 and 8.1.13 could allow a local attacker to obtain sensitive information, caused by plain text user account passwords potentially being stored in the browser's application command history. By accessing browser history, an attacker could exploit this vulnerability to obtain other user accounts' passwords. IBM X-Force ID: 226322.
Configurations

Configuration 1 (hide)

AND
cpe:2.3:a:ibm:spectrum_protect:*:*:*:*:*:*:*:*
OR cpe:2.3:o:ibm:aix:-:*:*:*:*:*:*:*
cpe:2.3:o:linux:linux_kernel:-:*:*:*:*:*:*:*
cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*

History

21 Nov 2024, 06:46

Type Values Removed Values Added
References () https://exchange.xforce.ibmcloud.com/vulnerabilities/226322 - VDB Entry, Vendor Advisory () https://exchange.xforce.ibmcloud.com/vulnerabilities/226322 - VDB Entry, Vendor Advisory
References () https://www.ibm.com/support/pages/node/6586314 - Patch, Vendor Advisory () https://www.ibm.com/support/pages/node/6586314 - Patch, Vendor Advisory

Information

Published : 2022-05-17 16:15

Updated : 2024-11-21 06:46


NVD link : CVE-2022-22484

Mitre link : CVE-2022-22484

CVE.ORG link : CVE-2022-22484


JSON object : View

Products Affected

ibm

  • aix
  • spectrum_protect

linux

  • linux_kernel

microsoft

  • windows
CWE
CWE-312

Cleartext Storage of Sensitive Information