CVE-2022-22394

EUVD-2022-27540
The IBM Spectrum Protect 8.1.14.000 server could allow a remote attacker to bypass security restrictions, caused by improper enforcement of access controls. By signing in, an attacker could exploit this vulnerability to bypass security and gain unauthorized administrator or node access to the vulnerable server.
ProviderTypeBase ScoreAtk. VectorAtk. ComplexityPriv. RequiredVector
NISTPrimary
8.8 HIGH
NETWORK
LOW
LOW
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
ibmCNA
7.5 HIGH
NETWORK
HIGH
LOW
CVSS:3.0/C:H/UI:N/I:H/AV:N/PR:L/AC:H/A:H/S:U/E:U/RL:O/RC:C
Base Score
CVSS 3.x
EPSS Score
Percentile: 89%
Affected Products (NVD)
VendorProductVersion
ibmspectrum_protect
8.1.14.100
𝑥
= Vulnerable software versions
References
https://exchange.xforce.ibmcloud.com/vulnerabilities/222147
https://www.ibm.com/support/pages/node/6564745
https://exchange.xforce.ibmcloud.com/vulnerabilities/222147
https://www.ibm.com/support/pages/node/6564745