CVE-2022-22396
6.8
CVSS:3.0/I:N/A:N/AV:N/AC:L/S:C/UI:N/PR:H/C:H/RL:O/E:U/RC:C
Summary
Credentials are printed in clear text in the IBM Spectrum Protect Plus 10.1.0.0 through 10.1.9.3 virgo log file in certain cases. Credentials could be the remote vSnap, offload targets, or VADP credentials depending on the operation performed. Credentials that are using API key or certificate are not printed. IBM X-Force ID: 222231.
Affected Software
| Vendor | Product | Version Range | Status |
|---|---|---|---|
| IBM | Spectrum Protect Plus | 10.1.0.0 | affected |
| IBM | Spectrum Protect Plus | 10.1.9.3 | affected |
Weaknesses
- Obtain Information
ADP Enrichment
CVE Program Container
Additional References
- https://www.ibm.com/support/pages/node/6591505
- https://exchange.xforce.ibmcloud.com/vulnerabilities/222231
References
- https://www.ibm.com/support/pages/node/6591505
- https://exchange.xforce.ibmcloud.com/vulnerabilities/222231
Feedback
Was this page helpful?
Glad to hear it! Please tell us how we can improve.
Sorry to hear that. Please tell us how we can improve.