Vulnerability Details CVE-2022-43581
IBM Content Navigator 3.0.0, 3.0.1, 3.0.2, 3.0.3, 3.0.4, 3.0.5, 3.0.6, 3.0.7, 3.0.8, 3.0.9, 3.0.10, 3.0.11, and 3.0.12 is vulnerable to missing authorization and could allow an authenticated user to load external plugins and execute code. IBM X-Force ID: 238805.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.001
EPSS Ranking 23.1%
CVSS Severity
CVSS v3 Score 7.5
References
Products affected by CVE-2022-43581
-
cpe:2.3:a:ibm:content_navigator:3.0.0
-
cpe:2.3:a:ibm:content_navigator:3.0.1
-
cpe:2.3:a:ibm:content_navigator:3.0.10
-
cpe:2.3:a:ibm:content_navigator:3.0.11
-
cpe:2.3:a:ibm:content_navigator:3.0.12
-
cpe:2.3:a:ibm:content_navigator:3.0.2
-
cpe:2.3:a:ibm:content_navigator:3.0.3
-
cpe:2.3:a:ibm:content_navigator:3.0.7
-
cpe:2.3:a:ibm:content_navigator:3.0.8
-
cpe:2.3:a:ibm:content_navigator:3.0.9