Vulnerability Details CVE-2022-43581
IBM Content Navigator 3.0.0, 3.0.1, 3.0.2, 3.0.3, 3.0.4, 3.0.5, 3.0.6, 3.0.7, 3.0.8, 3.0.9, 3.0.10, 3.0.11, and 3.0.12 is vulnerable to missing authorization and could allow an authenticated user to load external plugins and execute code. IBM X-Force ID: 238805.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.004
EPSS Ranking 60.1%
CVSS Severity
CVSS v3 Score 7.5
References
Products affected by CVE-2022-43581
-
cpe:2.3:a:ibm:content_navigator:3.0.0
-
cpe:2.3:a:ibm:content_navigator:3.0.1
-
cpe:2.3:a:ibm:content_navigator:3.0.10
-
cpe:2.3:a:ibm:content_navigator:3.0.11
-
cpe:2.3:a:ibm:content_navigator:3.0.12
-
cpe:2.3:a:ibm:content_navigator:3.0.2
-
cpe:2.3:a:ibm:content_navigator:3.0.3
-
cpe:2.3:a:ibm:content_navigator:3.0.7
-
cpe:2.3:a:ibm:content_navigator:3.0.8
-
cpe:2.3:a:ibm:content_navigator:3.0.9