CVE-2022-22484
5.1
CVSS:3.0/AC:H/A:N/AV:L/PR:N/S:U/C:H/I:N/UI:N/E:U/RL:O/RC:C
Summary
IBM Spectrum Protect Operations Center 8.1.12 and 8.1.13 could allow a local attacker to obtain sensitive information, caused by plain text user account passwords potentially being stored in the browser's application command history. By accessing browser history, an attacker could exploit this vulnerability to obtain other user accounts' passwords. IBM X-Force ID: 226322.
Affected Software
| Vendor | Product | Version Range | Status |
|---|---|---|---|
| IBM | Spectrum Protect Operations Center | 8.1.13 | affected |
| IBM | Spectrum Protect Operations Center | 8.1.12 | affected |
Weaknesses
- Obtain Information
ADP Enrichment
CVE Program Container
Additional References
- https://www.ibm.com/support/pages/node/6586314
- https://exchange.xforce.ibmcloud.com/vulnerabilities/226322
References
- https://www.ibm.com/support/pages/node/6586314
- https://exchange.xforce.ibmcloud.com/vulnerabilities/226322
Feedback
Was this page helpful?
Glad to hear it! Please tell us how we can improve.
Sorry to hear that. Please tell us how we can improve.