admin/nvd-json-data-feeds
1
0
Fork 0
mirror of https://github.com/fkie-cad/nvd-json-data-feeds.git synced 2025-06-07 13:36:56 +00:00
Code Issues Packages Projects Releases Wiki Activity
nvd-json-data-feeds/CVE-2022/CVE-2022-438xx/CVE-2022-43864.json
René Helmke 7791f18b51 bootstrap
2023-05-16 16:09:41 +02:00

157 lines
4.7 KiB
JSON
Raw Blame History

{
"id": "CVE-2022-43864",
"sourceIdentifier": "psirt@us.ibm.com",
"published": "2023-01-26T21:17:48.697",
"lastModified": "2023-02-01T20:43:19.857",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
"value": "IBM Business Automation Workflow 22.0.2 could allow a remote attacker to traverse directories on the system. An attacker could send a specially crafted URL request containing \"dot dot\" sequences (/../) to view arbitrary files on the system. IBM X-Force ID: 239427."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"availabilityImpact": "NONE",
"baseScore": 7.5,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 3.9,
"impactScore": 3.6
},
{
"source": "psirt@us.ibm.com",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"availabilityImpact": "NONE",
"baseScore": 7.5,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 3.9,
"impactScore": 3.6
}
]
},
"weaknesses": [
{
"source": "psirt@us.ibm.com",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-22"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:ibm:business_automation_workflow:*:*:*:*:traditional:*:*:*",
"versionStartIncluding": "21.0.1",
"versionEndIncluding": "21.0.3.1",
"matchCriteriaId": "47064639-B3A7-4F99-8823-40D2C9FE3C1A"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:ibm:business_automation_workflow:20.0.0.1:*:*:*:traditional:*:*:*",
"matchCriteriaId": "D36329EB-4317-4AB1-85FA-4E23F185C179"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:ibm:business_automation_workflow:20.0.0.2:*:*:*:traditional:*:*:*",
"matchCriteriaId": "8C7FDEC2-CBE3-4C5B-917D-37F2612018FB"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:ibm:business_automation_workflow:22.0.1:*:*:*:traditional:*:*:*",
"matchCriteriaId": "8C6D1E72-FC9F-4A0A-8E80-A3CA8CB0EDAA"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:ibm:business_automation_workflow:22.0.2:*:*:*:traditional:*:*:*",
"matchCriteriaId": "DFB13BEC-206E-41B3-A4F3-9281EBB0E213"
}
]
}
]
},
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:ibm:business_monitor:8.5.5:*:*:*:*:*:*:*",
"matchCriteriaId": "B27F3476-A531-4B6C-86E1-1D0CCDF793E2"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:ibm:business_monitor:8.5.6:*:*:*:*:*:*:*",
"matchCriteriaId": "61F27962-673C-4501-AA15-182164FBB4BD"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:ibm:business_monitor:8.5.7:*:*:*:*:*:*:*",
"matchCriteriaId": "51681BF1-DFD8-40A5-B5A9-6A467A038621"
}
]
}
]
}
],
"references": [
{
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/239427",
"source": "psirt@us.ibm.com",
"tags": [
"VDB Entry"
]
},
{
"url": "https://www.ibm.com/support/pages/node/6857223",
"source": "psirt@us.ibm.com",
"tags": [
"Patch",
"Vendor Advisory"
]
},
{
"url": "https://www.ibm.com/support/pages/node/6857239",
"source": "psirt@us.ibm.com",
"tags": [
"Vendor Advisory"
]
}
]
}
Reference in New Issue View Git Blame Copy Permalink