CVE-2022-38712

Summary

"IBM WebSphere Application Server 7.0, 8.0, 8.5, and 9.0 Web services could allow a man-in-the-middle attacker to conduct SOAPAction spoofing to execute unwanted or unauthorized operations. IBM X-Force ID: 234762."

Affected Software

VendorProductVersion RangeStatus
n/aIBM WebSphere Application Server"7.0, 8.0, 8.5, and 9.0"affected

Weaknesses

  • Command Execution

ADP Enrichment

CVE Program Container

Additional References

CISA ADP Vulnrichment

  • SSVC:
  • Exploitation: none
    • Automatable: no
    • Technical Impact: partial

References