Vulnerability Description
IBM Datapower Gateway 10.0.2.0 through 10.0.4.0, 10.0.1.0 through 10.0.1.5, and 2018.4.1.0 through 2018.4.1.18 could allow unauthorized viewing of logs and files due to insufficient authorization checks. IBM X-Force ID: 218856.
CVSS Score
LOW
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Ibm | Datapower Gateway | >= 10.0.1.0, < 10.0.1.6 |
| Ibm | Mq Appliance M2002 Firmware | < 9.2.0.5 |
| Ibm | Mq Appliance M2002 | - |
| Ibm | Mq Appliance M2001 Firmware | < 9.2.0.5 |
| Ibm | Mq Appliance M2001 | - |
Related Weaknesses (CWE)
References
- https://exchange.xforce.ibmcloud.com/vulnerabilities/218856VDB EntryVendor Advisory
- https://www.ibm.com/support/pages/node/6560048PatchVendor Advisory
- https://www.ibm.com/support/pages/node/6608598PatchVendor Advisory
- https://exchange.xforce.ibmcloud.com/vulnerabilities/218856VDB EntryVendor Advisory
- https://www.ibm.com/support/pages/node/6560048PatchVendor Advisory
- https://www.ibm.com/support/pages/node/6608598PatchVendor Advisory
FAQ
What is CVE-2022-22326?
CVE-2022-22326 is a vulnerability with a CVSS score of 3.3 (LOW). IBM Datapower Gateway 10.0.2.0 through 10.0.4.0, 10.0.1.0 through 10.0.1.5, and 2018.4.1.0 through 2018.4.1.18 could allow unauthorized viewing of logs and files due to insufficient authorization chec...
How severe is CVE-2022-22326?
CVE-2022-22326 has been rated LOW with a CVSS base score of 3.3/10. Review the CVSS metrics above for detailed severity breakdown.
Is there a patch for CVE-2022-22326?
Check the references section above for vendor advisories and patch information. Affected products include: Ibm Datapower Gateway, Ibm Mq Appliance M2002 Firmware, Ibm Mq Appliance M2002, Ibm Mq Appliance M2001 Firmware, Ibm Mq Appliance M2001.