CVEDB API

Vulnerabilities

By Date
Known Exploited
Advanced Search

Vulnerable Software

Vendors
Products

Vulnerability Details CVE-2022-22349

IBM Sterling External Authentication Server 3.4.3.2, 6.0.2.0, and 6.0.3.0 is vulnerable to path traversals, due to not properly validating RESTAPI configuration data. An authorized user could import invalid data which could be used for an attack. IBM X-Force ID: 220144.

Exploit prediction scoring system (EPSS) score

EPSS Score 0.004

EPSS Ranking 58.8%

CVSS Severity

CVSS v3 Score 4.3

CVSS v2 Score 4.0

References

https://exchange.xforce.ibmcloud.com/vulnerabilities/220144
https://www.ibm.com/support/pages/node/6558928
https://exchange.xforce.ibmcloud.com/vulnerabilities/220144
https://www.ibm.com/support/pages/node/6558928

Products affected by CVE-2022-22349

Ibm » Sterling External Authentication Server » Version: 3.4.3.2

cpe:2.3:a:ibm:sterling_external_authentication_server:3.4.3.2
Ibm » Sterling External Authentication Server » Version: 6.0.2.0

cpe:2.3:a:ibm:sterling_external_authentication_server:6.0.2.0
Ibm » Sterling External Authentication Server » Version: 6.0.3.0

cpe:2.3:a:ibm:sterling_external_authentication_server:6.0.3.0

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2022-22349

Products

Pricing

Contact Us