CVE-2022-22309 MEDIUM

CVE-2022-22309

Vendor Ibm
Product Power System S922 Server
Published May 24, 2022
Last update September 16, 2024

CVSS base score

6.8/10
Attack vector Physical
Attack complexity Low
Privileges required None
User interaction None
Confidentiality High
Integrity High

CVSS vector

CVSS:3.0/AV:P/UI:N/A:H/C:H/S:U/AC:L/I:H/PR:N/RC:C/E:U/RL:O

What the vulnerability does

01Description

The POWER systems FSP is vulnerable to unauthenticated logins through the serial port/TTY interface. This vulnerability can be more critical if the serial port is connected to a serial-over-lan device. IBM X-Force ID: 217095.

Key dates

02Disclosure timeline

May 24, 2022 CVE published
September 16, 2024 Record updated