admin/cvelist
1
0
Fork 0
mirror of https://github.com/CVEProject/cvelist.git synced 2025-08-04 08:44:25 +00:00
Code Issues Packages Projects Releases Wiki Activity

IBM20220630-122129

Browse Source 
Added CVE-2022-22478, CVE-2022-22496, CVE-2022-22487, CVE-2022-22474
This commit is contained in:
Scott Moore - IBM 2022-06-30 12:21:29 -04:00
parent 0ccde70d41
commit 958976947e
No known key found for this signature in database
GPG Key ID: 8E6C411D57F2D75C
4 changed files with 360 additions and 60 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

105
2022/22xxx/CVE-2022-22474.json
View File

@ -1,18 +1,93 @@
{
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2022-22474",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
},
"description": {
"description_data": [
"CVE_data_meta" : {
"ID" : "CVE-2022-22474",
"ASSIGNER" : "psirt@us.ibm.com",
"DATE_PUBLIC" : "2022-06-29T00:00:00",
"STATE" : "PUBLIC"
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "Denial of Service"
}
]
}
]
},
"data_format" : "MITRE",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "IBM Spectrum Protect 8.1.0.0 through 8.1.14.0 dsmcad, dsmc, and dsmcsvc processes incorrectly handle certain read operations on TCP/IP sockets. This can result in a denial of service for IBM Spectrum Protect client operations. IBM X-Force ID: 225348."
}
]
},
"data_version" : "4.0",
"affects" : {
"vendor" : {
"vendor_data" : [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"product" : {
"product_data" : [
{
"product_name" : "Spectrum Protect Client",
"version" : {
"version_data" : [
{
"version_value" : "8.1.0.0"
},
{
"version_value" : "8.1.14.0"
}
]
}
}
]
},
"vendor_name" : "IBM"
}
]
}
}
]
}
},
"references" : {
"reference_data" : [
{
"url" : "https://www.ibm.com/support/pages/node/6596741",
"name" : "https://www.ibm.com/support/pages/node/6596741",
"title" : "IBM Security Bulletin 6596741 (Spectrum Protect Client)",
"refsource" : "CONFIRM"
},
{
"refsource" : "XF",
"title" : "X-Force Vulnerability Report",
"name" : "ibm-spectrum-cve202222474-dos (225348)",
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/225348"
}
]
},
"data_type" : "CVE",
"impact" : {
"cvssv3" : {
"TM" : {
"RC" : "C",
"E" : "U",
"RL" : "O"
},
"BM" : {
"A" : "H",
"S" : "U",
"SCORE" : "5.900",
"AV" : "N",
"UI" : "N",
"AC" : "H",
"C" : "N",
"I" : "N",
"PR" : "N"
}
}
}
}

105
2022/22xxx/CVE-2022-22478.json
View File

@ -1,18 +1,93 @@
{
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2022-22478",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
},
"description": {
"description_data": [
"impact" : {
"cvssv3" : {
"BM" : {
"C" : "H",
"I" : "N",
"PR" : "N",
"AV" : "L",
"AC" : "L",
"UI" : "N",
"S" : "U",
"A" : "N",
"SCORE" : "6.200"
},
"TM" : {
"RL" : "O",
"RC" : "C",
"E" : "U"
}
}
},
"data_type" : "CVE",
"affects" : {
"vendor" : {
"vendor_data" : [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"vendor_name" : "IBM",
"product" : {
"product_data" : [
{
"version" : {
"version_data" : [
{
"version_value" : "8.1.0.0"
},
{
"version_value" : "8.1.14.0"
}
]
},
"product_name" : "Spectrum Protect Client"
}
]
}
}
]
}
}
]
}
},
"references" : {
"reference_data" : [
{
"refsource" : "CONFIRM",
"name" : "https://www.ibm.com/support/pages/node/6596741",
"title" : "IBM Security Bulletin 6596741 (Spectrum Protect Client)",
"url" : "https://www.ibm.com/support/pages/node/6596741"
},
{
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/225886",
"refsource" : "XF",
"title" : "X-Force Vulnerability Report",
"name" : "ibm-spectrum-cve202222478-info-disc (225886)"
}
]
},
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "IBM Spectrum Protect Client 8.1.0.0 through 8.1.14.0 stores user credentials in plain clear text which can be read by a local user. IBM X-Force ID: 225886."
}
]
},
"data_format" : "MITRE",
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "Obtain Information"
}
]
}
]
},
"CVE_data_meta" : {
"ID" : "CVE-2022-22478",
"DATE_PUBLIC" : "2022-06-29T00:00:00",
"STATE" : "PUBLIC",
"ASSIGNER" : "psirt@us.ibm.com"
}
}

105
2022/22xxx/CVE-2022-22487.json
View File

@ -1,18 +1,93 @@
{
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2022-22487",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
},
"description": {
"description_data": [
"impact" : {
"cvssv3" : {
"TM" : {
"RL" : "O",
"RC" : "C",
"E" : "U"
},
"BM" : {
"S" : "U",
"A" : "N",
"SCORE" : "5.900",
"AV" : "N",
"AC" : "H",
"UI" : "N",
"PR" : "N",
"I" : "N",
"C" : "H"
}
}
},
"data_type" : "CVE",
"affects" : {
"vendor" : {
"vendor_data" : [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"vendor_name" : "IBM",
"product" : {
"product_data" : [
{
"product_name" : "Spectrum Protect Server",
"version" : {
"version_data" : [
{
"version_value" : "8.1.0.000"
},
{
"version_value" : "8.1.14"
}
]
}
}
]
}
}
]
}
}
]
}
},
"references" : {
"reference_data" : [
{
"url" : "https://www.ibm.com/support/pages/node/6596881",
"refsource" : "CONFIRM",
"title" : "IBM Security Bulletin 6596881 (Spectrum Protect Server)",
"name" : "https://www.ibm.com/support/pages/node/6596881"
},
{
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/226326",
"title" : "X-Force Vulnerability Report",
"name" : "ibm-spectrum-cve202222487-info-disc (226326)",
"refsource" : "XF"
}
]
},
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "An IBM Spectrum Protect storage agent could allow a remote attacker to perform a brute force attack by allowing unlimited attempts to login to the storage agent without locking the administrative ID. A remote attacker could exploit this vulnerability using brute force techniques to gain unauthorized administrative access to both the IBM Spectrum Protect storage agent and the IBM Spectrum Protect Server 8.1.0.000 through 8.1.14 with which it communicates. IBM X-Force ID: 226326."
}
]
},
"data_format" : "MITRE",
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"value" : "Obtain Information",
"lang" : "eng"
}
]
}
]
},
"CVE_data_meta" : {
"ID" : "CVE-2022-22487",
"STATE" : "PUBLIC",
"DATE_PUBLIC" : "2022-06-29T00:00:00",
"ASSIGNER" : "psirt@us.ibm.com"
}
}

105
2022/22xxx/CVE-2022-22496.json
View File

@ -1,18 +1,93 @@
{
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2022-22496",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
},
"description": {
"description_data": [
"data_format" : "MITRE",
"CVE_data_meta" : {
"ASSIGNER" : "psirt@us.ibm.com",
"STATE" : "PUBLIC",
"DATE_PUBLIC" : "2022-06-29T00:00:00",
"ID" : "CVE-2022-22496"
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"value" : "Obtain Information",
"lang" : "eng"
}
]
}
]
},
"description" : {
"description_data" : [
{
"value" : "While a user account for the IBM Spectrum Protect Server 8.1.0.000 through 8.1.14 is being established, it may be configured to use SESSIONSECURITY=TRANSITIONAL. While in this mode, it may be susceptible to an offline dictionary attack. IBM X-Force ID: 226942.",
"lang" : "eng"
}
]
},
"data_version" : "4.0",
"data_type" : "CVE",
"impact" : {
"cvssv3" : {
"TM" : {
"RC" : "C",
"E" : "U",
"RL" : "O"
},
"BM" : {
"A" : "N",
"S" : "U",
"SCORE" : "5.300",
"C" : "H",
"PR" : "N",
"I" : "N",
"AV" : "A",
"UI" : "N",
"AC" : "H"
}
}
},
"references" : {
"reference_data" : [
{
"url" : "https://www.ibm.com/support/pages/node/6596881",
"name" : "https://www.ibm.com/support/pages/node/6596881",
"title" : "IBM Security Bulletin 6596881 (Spectrum Protect Server)",
"refsource" : "CONFIRM"
},
{
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/226942",
"refsource" : "XF",
"title" : "X-Force Vulnerability Report",
"name" : "ibm-spectrum-cve202222496-info-disc (226942)"
}
]
},
"affects" : {
"vendor" : {
"vendor_data" : [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"vendor_name" : "IBM",
"product" : {
"product_data" : [
{
"product_name" : "Spectrum Protect Server",
"version" : {
"version_data" : [
{
"version_value" : "8.1.0.000"
},
{
"version_value" : "8.1.14"
}
]
}
}
]
}
}
]
}
}
]
}
}
}