CVE-2022-22349

Summary

IBM Sterling External Authentication Server 3.4.3.2, 6.0.2.0, and 6.0.3.0 is vulnerable to path traversals, due to not properly validating RESTAPI configuration data. An authorized user could import invalid data which could be used for an attack. IBM X-Force ID: 220144.

Affected Software

VendorProductVersion RangeStatus
IBMSterling External Authentication Server6.0.3.0affected
IBMSterling External Authentication Server6.0.2.0affected
IBMSterling External Authentication Server3.4.3.2affected

Weaknesses

  • Gain Access

ADP Enrichment

CVE Program Container

Additional References

References