1. Home
  2. CVE Database
  3. CVE-2022-22396
HIGH · 7.5

CVE-2022-22396

Credentials are printed in clear text in the IBM Spectrum Protect Plus 10.1.0.0 through 10.1.9.3 virgo log file in certain cases. Credentials could be the remote vSnap, offload targets, or VADP creden...

Vulnerability Description

Credentials are printed in clear text in the IBM Spectrum Protect Plus 10.1.0.0 through 10.1.9.3 virgo log file in certain cases. Credentials could be the remote vSnap, offload targets, or VADP credentials depending on the operation performed. Credentials that are using API key or certificate are not printed. IBM X-Force ID: 222231.

CVSS Score

7.5

HIGH

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality
HIGH
Integrity
NONE
Availability
NONE

Affected Products

VendorProductVersions
IbmSpectrum Protect Plus>= 10.1.0, < 10.1.10
LinuxLinux Kernel-

Related Weaknesses (CWE)

CWE-522

References

FAQ

What is CVE-2022-22396?

CVE-2022-22396 is a vulnerability with a CVSS score of 7.5 (HIGH). Credentials are printed in clear text in the IBM Spectrum Protect Plus 10.1.0.0 through 10.1.9.3 virgo log file in certain cases. Credentials could be the remote vSnap, offload targets, or VADP creden...

How severe is CVE-2022-22396?

CVE-2022-22396 has been rated HIGH with a CVSS base score of 7.5/10. Review the CVSS metrics above for detailed severity breakdown.

Is there a patch for CVE-2022-22396?

Check the references section above for vendor advisories and patch information. Affected products include: Ibm Spectrum Protect Plus, Linux Linux Kernel.