cvelist/2022/22xxx/CVE-2022-22426.json

{
    "description": {
        "description_data": [
            {
                "value": "IBM Spectrum Copy Data Management Admin 2.2.0.0 through 2.2.15.0 could allow a local attacker to bypass authentication restrictions, caused by the lack of proper session management. An attacker could exploit this vulnerability to bypass authentication and gain unauthorized access to the Spectrum Copy Data Management catalog which contains metadata. IBM X-Force ID: 223718.",
                "lang": "eng"
            }
        ]
    },
    "references": {
        "reference_data": [
            {
                "name": "https://www.ibm.com/support/pages/node/6593721",
                "url": "https://www.ibm.com/support/pages/node/6593721",
                "refsource": "CONFIRM",
                "title": "IBM Security Bulletin 6593721 (Spectrum Copy Data Management)"
            },
            {
                "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/223718",
                "name": "ibm-spectrum-cve202222426-info-disc (223718)",
                "title": "X-Force Vulnerability Report",
                "refsource": "XF"
            }
        ]
    },
    "CVE_data_meta": {
        "ASSIGNER": "psirt@us.ibm.com",
        "STATE": "PUBLIC",
        "ID": "CVE-2022-22426",
        "DATE_PUBLIC": "2022-06-09T00:00:00"
    },
    "problemtype": {
        "problemtype_data": [
            {
                "description": [
                    {
                        "value": "Obtain Information",
                        "lang": "eng"
                    }
                ]
            }
        ]
    },
    "affects": {
        "vendor": {
            "vendor_data": [
                {
                    "vendor_name": "IBM",
                    "product": {
                        "product_data": [
                            {
                                "product_name": "Spectrum Copy Data Management",
                                "version": {
                                    "version_data": [
                                        {
                                            "version_value": "2.2.0.0"
                                        },
                                        {
                                            "version_value": "2.2.15.0"
                                        }
                                    ]
                                }
                            }
                        ]
                    }
                }
            ]
        }
    },
    "data_format": "MITRE",
    "impact": {
        "cvssv3": {
            "BM": {
                "A": "N",
                "AC": "H",
                "I": "N",
                "S": "U",
                "C": "L",
                "UI": "N",
                "AV": "L",
                "PR": "N",
                "SCORE": "2.900"
            },
            "TM": {
                "RC": "C",
                "RL": "O",
                "E": "U"
            }
        }
    },
    "data_type": "CVE",
    "data_version": "4.0"
}
"-Synchronized-Data." 2022-01-03 23:01:19 +00:00			`{`
"-Synchronized-Data." 2022-06-10 17:01:40 +00:00			`"description": {`
			`"description_data": [`
			`{`
			`"value": "IBM Spectrum Copy Data Management Admin 2.2.0.0 through 2.2.15.0 could allow a local attacker to bypass authentication restrictions, caused by the lack of proper session management. An attacker could exploit this vulnerability to bypass authentication and gain unauthorized access to the Spectrum Copy Data Management catalog which contains metadata. IBM X-Force ID: 223718.",`
			`"lang": "eng"`
			`}`
			`]`
			`},`
			`"references": {`
			`"reference_data": [`
			`{`
			`"name": "https://www.ibm.com/support/pages/node/6593721",`
			`"url": "https://www.ibm.com/support/pages/node/6593721",`
			`"refsource": "CONFIRM",`
			`"title": "IBM Security Bulletin 6593721 (Spectrum Copy Data Management)"`
			`},`
"-Synchronized-Data." 2022-01-03 23:01:19 +00:00			`{`
"-Synchronized-Data." 2022-06-10 17:01:40 +00:00			`"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/223718",`
			`"name": "ibm-spectrum-cve202222426-info-disc (223718)",`
			`"title": "X-Force Vulnerability Report",`
			`"refsource": "XF"`
			`}`
			`]`
			`},`
			`"CVE_data_meta": {`
			`"ASSIGNER": "psirt@us.ibm.com",`
			`"STATE": "PUBLIC",`
			`"ID": "CVE-2022-22426",`
			`"DATE_PUBLIC": "2022-06-09T00:00:00"`
			`},`
			`"problemtype": {`
			`"problemtype_data": [`
			`{`
			`"description": [`
			`{`
			`"value": "Obtain Information",`
			`"lang": "eng"`
			`}`
			`]`
			`}`
			`]`
			`},`
			`"affects": {`
			`"vendor": {`
			`"vendor_data": [`
			`{`
			`"vendor_name": "IBM",`
			`"product": {`
			`"product_data": [`
			`{`
			`"product_name": "Spectrum Copy Data Management",`
			`"version": {`
			`"version_data": [`
			`{`
			`"version_value": "2.2.0.0"`
			`},`
			`{`
			`"version_value": "2.2.15.0"`
			`}`
			`]`
			`}`
			`}`
			`]`
			`}`
			`}`
			`]`
			`}`
			`},`
			`"data_format": "MITRE",`
			`"impact": {`
			`"cvssv3": {`
			`"BM": {`
			`"A": "N",`
			`"AC": "H",`
			`"I": "N",`
			`"S": "U",`
			`"C": "L",`
			`"UI": "N",`
			`"AV": "L",`
			`"PR": "N",`
			`"SCORE": "2.900"`
			`},`
			`"TM": {`
			`"RC": "C",`
			`"RL": "O",`
			`"E": "U"`
"-Synchronized-Data." 2022-01-03 23:01:19 +00:00			`}`
"-Synchronized-Data." 2022-06-10 17:01:40 +00:00			`}`
			`},`
			`"data_type": "CVE",`
			`"data_version": "4.0"`
			`}`