CVE-2022-43855 — MEDIUM (6.2)

Vulnerability Description

IBM SPSS Statistics 26.0, 27.0.1, and 28.0 IO Module could allow a local user to create multiple files that could exhaust the file handles capacity and cause a denial of service.

CVSS Score

6.2

MEDIUM

CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

Attack Vector

LOCAL

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality

NONE

Integrity

NONE

Availability

HIGH

Affected Products

Vendor	Product	Versions
Ibm	Spss Statistics	26.0.0.0

Related Weaknesses (CWE)

CWE-399

References

https://www.ibm.com/support/pages/node/7130881Vendor Advisory
https://exchange.xforce.ibmcloud.com/vulnerabilities/239235Vendor Advisory
https://www.ibm.com/support/pages/node/7130881Vendor Advisory

FAQ

What is CVE-2022-43855?

CVE-2022-43855 is a vulnerability with a CVSS score of 6.2 (MEDIUM). IBM SPSS Statistics 26.0, 27.0.1, and 28.0 IO Module could allow a local user to create multiple files that could exhaust the file handles capacity and cause a denial of service.

How severe is CVE-2022-43855?

CVE-2022-43855 has been rated MEDIUM with a CVSS base score of 6.2/10. Review the CVSS metrics above for detailed severity breakdown.

Is there a patch for CVE-2022-43855?

Check the references section above for vendor advisories and patch information. Affected products include: Ibm Spss Statistics.