Vulnerability Description
IBM Spectrum Protect Operations Center 8.1.12 and 8.1.13 could allow a local attacker to obtain sensitive information, caused by plain text user account passwords potentially being stored in the browser's application command history. By accessing browser history, an attacker could exploit this vulnerability to obtain other user accounts' passwords. IBM X-Force ID: 226322.
CVSS Score
MEDIUM
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Ibm | Spectrum Protect | >= 8.1.12.000, < 8.1.14 |
| Ibm | Aix | - |
| Linux | Linux Kernel | - |
| Microsoft | Windows | - |
Related Weaknesses (CWE)
References
- https://exchange.xforce.ibmcloud.com/vulnerabilities/226322VDB EntryVendor Advisory
- https://www.ibm.com/support/pages/node/6586314PatchVendor Advisory
- https://exchange.xforce.ibmcloud.com/vulnerabilities/226322VDB EntryVendor Advisory
- https://www.ibm.com/support/pages/node/6586314PatchVendor Advisory
FAQ
What is CVE-2022-22484?
CVE-2022-22484 is a vulnerability with a CVSS score of 5.5 (MEDIUM). IBM Spectrum Protect Operations Center 8.1.12 and 8.1.13 could allow a local attacker to obtain sensitive information, caused by plain text user account passwords potentially being stored in the brows...
How severe is CVE-2022-22484?
CVE-2022-22484 has been rated MEDIUM with a CVSS base score of 5.5/10. Review the CVSS metrics above for detailed severity breakdown.
Is there a patch for CVE-2022-22484?
Check the references section above for vendor advisories and patch information. Affected products include: Ibm Spectrum Protect, Ibm Aix, Linux Linux Kernel, Microsoft Windows.