{"api_version":"1","generated_at":"2026-04-23T11:25:27+00:00","cve":"CVE-2022-22484","urls":{"html":"https://cve.report/CVE-2022-22484","api":"https://cve.report/api/cve/CVE-2022-22484.json","docs":"https://cve.report/api","cve_org":"https://www.cve.org/CVERecord?id=CVE-2022-22484","nvd":"https://nvd.nist.gov/vuln/detail/CVE-2022-22484"},"summary":{"title":"CVE-2022-22484","description":"IBM Spectrum Protect Operations Center 8.1.12 and 8.1.13 could allow a local attacker to obtain sensitive information, caused by plain text user account passwords potentially being stored in the browser's application command history. By accessing browser history, an attacker could exploit this vulnerability to obtain other user accounts' passwords. IBM X-Force ID: 226322.","state":"PUBLIC","assigner":"psirt@us.ibm.com","published_at":"2022-05-17 16:15:00","updated_at":"2022-05-25 14:51:00"},"problem_types":["CWE-312"],"metrics":[],"references":[{"url":"https://www.ibm.com/support/pages/node/6586314","name":"https://www.ibm.com/support/pages/node/6586314","refsource":"CONFIRM","tags":[],"title":"Security Bulletin:  Information Disclosure in IBM Spectrum Protect Operations Center Browser's History (CVE-2022-22484)","mime":"text/html","httpstatus":"200","archivestatus":"404"},{"url":"https://exchange.xforce.ibmcloud.com/vulnerabilities/226322","name":"ibm-spectrum-cve202222484-info-disc (226322)","refsource":"XF","tags":[],"title":"IBM X-Force Exchange","mime":"text/html","httpstatus":"200","archivestatus":"404"},{"url":"https://www.cve.org/CVERecord?id=CVE-2022-22484","name":"CVE Program record","refsource":"CVE.ORG","tags":["canonical"]},{"url":"https://nvd.nist.gov/vuln/detail/CVE-2022-22484","name":"NVD vulnerability detail","refsource":"NVD","tags":["canonical","analysis"]}],"affected":[],"timeline":[],"solutions":[],"workarounds":[],"exploits":[],"credits":[],"nvd_cpes":[{"cve_year":"2022","cve_id":"22484","vulnerable":"-1","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"o","cpe4":"ibm","cpe5":"aix","cpe6":"-","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2022","cve_id":"22484","vulnerable":"1","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"a","cpe4":"ibm","cpe5":"spectrum_protect","cpe6":"*","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2022","cve_id":"22484","vulnerable":"-1","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"o","cpe4":"linux","cpe5":"linux_kernel","cpe6":"-","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2022","cve_id":"22484","vulnerable":"-1","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"o","cpe4":"microsoft","cpe5":"windows","cpe6":"-","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"}],"vendor_comments":[],"enrichments":{"kev":null,"epss":null,"legacy_qids":[{"cve":"CVE-2022-22484","qid":"377895","title":"IBM Spectrum Protect Operations Center Sensitive Information Vulnerability (6586314)"}]},"source_records":{"cve_program":{"data_type":"CVE","description":{"description_data":[{"lang":"eng","value":"IBM Spectrum Protect Operations Center 8.1.12 and 8.1.13 could allow a local attacker to obtain sensitive information, caused by plain text user account passwords potentially being stored in the browser's application command history. By accessing browser history, an attacker could exploit this vulnerability to obtain other user accounts' passwords. IBM X-Force ID: 226322."}]},"CVE_data_meta":{"DATE_PUBLIC":"2022-05-13T00:00:00","STATE":"PUBLIC","ASSIGNER":"psirt@us.ibm.com","ID":"CVE-2022-22484"},"problemtype":{"problemtype_data":[{"description":[{"value":"Obtain Information","lang":"eng"}]}]},"affects":{"vendor":{"vendor_data":[{"product":{"product_data":[{"version":{"version_data":[{"version_value":"8.1.13"},{"version_value":"8.1.12"}]},"product_name":"Spectrum Protect Operations Center"}]},"vendor_name":"IBM"}]}},"data_format":"MITRE","impact":{"cvssv3":{"BM":{"SCORE":"5.100","AC":"H","A":"N","AV":"L","PR":"N","S":"U","C":"H","I":"N","UI":"N"},"TM":{"E":"U","RL":"O","RC":"C"}}},"references":{"reference_data":[{"url":"https://www.ibm.com/support/pages/node/6586314","name":"https://www.ibm.com/support/pages/node/6586314","title":"IBM Security Bulletin 6586314 (Spectrum Protect Operations Center)","refsource":"CONFIRM"},{"name":"ibm-spectrum-cve202222484-info-disc (226322)","url":"https://exchange.xforce.ibmcloud.com/vulnerabilities/226322","refsource":"XF","title":"X-Force Vulnerability Report"}]},"data_version":"4.0"},"nvd":{"publishedDate":"2022-05-17 16:15:00","lastModifiedDate":"2022-05-25 14:51:00","problem_types":["CWE-312"],"metrics":{"baseMetricV3":{"cvssV3":{"version":"3.1","vectorString":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N","attackVector":"LOCAL","attackComplexity":"LOW","privilegesRequired":"LOW","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"NONE","availabilityImpact":"NONE","baseScore":5.5,"baseSeverity":"MEDIUM"},"exploitabilityScore":1.8,"impactScore":3.6},"baseMetricV2":{"cvssV2":{"version":"2.0","vectorString":"AV:L/AC:L/Au:N/C:P/I:N/A:N","accessVector":"LOCAL","accessComplexity":"LOW","authentication":"NONE","confidentialityImpact":"PARTIAL","integrityImpact":"NONE","availabilityImpact":"NONE","baseScore":2.1},"severity":"LOW","exploitabilityScore":3.9,"impactScore":2.9,"acInsufInfo":false,"obtainAllPrivilege":false,"obtainUserPrivilege":false,"obtainOtherPrivilege":false,"userInteractionRequired":false}},"configurations":{"CVE_data_version":"4.0","nodes":[{"operator":"AND","children":[{"operator":"OR","children":[],"cpe_match":[{"vulnerable":true,"cpe23Uri":"cpe:2.3:a:ibm:spectrum_protect:*:*:*:*:*:*:*:*","versionStartIncluding":"8.1.12.000","versionEndExcluding":"8.1.14","cpe_name":[]}]},{"operator":"OR","children":[],"cpe_match":[{"vulnerable":false,"cpe23Uri":"cpe:2.3:o:ibm:aix:-:*:*:*:*:*:*:*","cpe_name":[]},{"vulnerable":false,"cpe23Uri":"cpe:2.3:o:linux:linux_kernel:-:*:*:*:*:*:*:*","cpe_name":[]},{"vulnerable":false,"cpe23Uri":"cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*","cpe_name":[]}]}],"cpe_match":[]}]}},"legacy_mitre":{"record":{"CveYear":"2022","CveId":"22484","Ordinal":"224825","Title":"CVE-2022-22484","CVE":"CVE-2022-22484","Year":"2022"},"notes":[{"CveYear":"2022","CveId":"22484","Ordinal":"1","NoteData":"** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided.","Type":"Description","Title":null}]}}}