Vulnerability Details CVE-2022-42438
IBM Cloud Pak for Multicloud Management Monitoring 2.0 and 2.3 allows users without admin roles access to admin functions by specifying direct URL paths. IBM X-Force ID: 238210.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.001
EPSS Ranking 20.2%
CVSS Severity
CVSS v3 Score 7.5
References
Products affected by CVE-2022-42438
-
cpe:2.3:a:ibm:cloud_pak_for_multicloud_management_monitoring:2.0.0
-
cpe:2.3:a:ibm:cloud_pak_for_multicloud_management_monitoring:2.2.0
-
cpe:2.3:a:ibm:cloud_pak_for_multicloud_management_monitoring:2.2.6
-
cpe:2.3:a:ibm:cloud_pak_for_multicloud_management_monitoring:2.3.0
-
cpe:2.3:o:linux:linux_kernel:-