CVE-2022-22393 LOW

CVE-2022-22393

Vendor Ibm
Product WebSphere Application Server Liberty
Published May 13, 2022
Last update September 17, 2024

CVSS base score

3.1/10
Attack vector Network
Attack complexity High
Privileges required Low
User interaction None
Confidentiality Low
Integrity None

CVSS vector

CVSS:3.0/A:N/AV:N/C:L/UI:N/I:N/S:U/PR:L/AC:H/E:U/RL:O/RC:C

What the vulnerability does

01Description

IBM WebSphere Application Server Liberty 17.0.0.3 through 22.0.0.5 , with the adminCenter-1.0 feature configured, could allow an authenticated user to issue a request to obtain the status of HTTP/HTTPS ports which are accessible by the application server. IBM X-Force ID: 222078.

Key dates

02Disclosure timeline

May 13, 2022 CVE published
September 17, 2024 Record updated