QID 378550

Date Published: 2023-07-18

QID 378550: IBM Spectrum Protect Operations Center Sensitive Information Vulnerability (6621141)

An identity spoofing vulnerability in IBM WebSphere Application Server Liberty may affect IBM Spectrum Protect Operations Center and IBM Spectrum Protect Client Management Service.

Affected Versions:
IBM Spectrum Protect Operations Center 8.1.0.000-8.1.15.xxx
IBM Spectrum Protect Client Management Service 8.1.0.000-8.1.15.xxx

QID Detection Logic(Authenticated):
This checks for vulnerable versions of IBM Spectrum Protect Operations Center

Successful exploitation could lead to Identity spoofing by an authenticated user using a specially crafted request.

CVSS V3 rated as Critical - 8.8 severity.

CVSS V2 rated as High - 6 severity.

Solution

Vendor has released updated version to address this issue. Refer to 6621141 for details.

Vendor References

6621141 - www.ibm.com/support/pages/node/6621141

CVEs related to QID 378550

CVE-2022-22476 |

Software Advisories

Advisory ID	Software	Component	Link
6621141			www.ibm.com/support/pages/node/6621141

By selecting these links, you may be leaving CVEreport webspace. We have provided these links to other websites because they may have information that would be of interest to you. No inferences should be drawn on account of other sites being referenced, or not, from this page. There may be other websites that are more appropriate for your purpose. CVEreport does not necessarily endorse the views expressed, or concur with the facts presented on these sites. Further, CVEreport does not endorse any commercial products that may be mentioned on these sites. Please address comments about any linked pages to [email protected].