Vulnerability Details CVE-2022-22485
In some cases, an unsuccessful attempt to log into IBM Spectrum Protect Operations Center 8.1.0.000 through 8.1.14.000 does not cause the administrator's invalid sign-on count to be incremented on the IBM Spectrum Protect Server. An attacker could exploit this vulnerability using brute force techniques to gain unauthorized administrative access to the IBM Spectrum Protect Server. IBM X-Force ID: 226325.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.002
EPSS Ranking 46.0%
CVSS Severity
CVSS v3 Score 5.9
CVSS v2 Score 7.5
References
Products affected by CVE-2022-22485
-
cpe:2.3:a:ibm:spectrum_protect_operations_center:8.1.0.000
-
cpe:2.3:a:ibm:spectrum_protect_operations_center:8.1.1.000
-
cpe:2.3:a:ibm:spectrum_protect_operations_center:8.1.10
-
cpe:2.3:a:ibm:spectrum_protect_operations_center:8.1.10.000
-
cpe:2.3:a:ibm:spectrum_protect_operations_center:8.1.10.200
-
cpe:2.3:a:ibm:spectrum_protect_operations_center:8.1.13.000
-
cpe:2.3:a:ibm:spectrum_protect_operations_center:8.1.14.000
-
cpe:2.3:a:ibm:spectrum_protect_operations_center:8.1.2.000
-
cpe:2.3:a:ibm:spectrum_protect_operations_center:8.1.3.000
-
cpe:2.3:a:ibm:spectrum_protect_operations_center:8.1.4.000
-
cpe:2.3:a:ibm:spectrum_protect_operations_center:8.1.5.000
-
cpe:2.3:a:ibm:spectrum_protect_operations_center:8.1.6.000
-
cpe:2.3:a:ibm:spectrum_protect_operations_center:8.1.7.000
-
cpe:2.3:a:ibm:spectrum_protect_operations_center:8.1.8.000
-
cpe:2.3:a:ibm:spectrum_protect_operations_center:8.1.9.000
-
cpe:2.3:o:ibm:aix:-
-
cpe:2.3:o:linux:linux_kernel:-
-
cpe:2.3:o:microsoft:windows:-