CVE-2022-22484 MEDIUM

CVE-2022-22484

Vendor Ibm
Product Spectrum Protect Operations Center
Published May 17, 2022
Last update September 16, 2024

CVSS base score

5.1/10
Attack vector Local
Attack complexity High
Privileges required None
User interaction None
Confidentiality High
Integrity None

CVSS vector

CVSS:3.0/AC:H/A:N/AV:L/PR:N/S:U/C:H/I:N/UI:N/E:U/RL:O/RC:C

What the vulnerability does

01Description

IBM Spectrum Protect Operations Center 8.1.12 and 8.1.13 could allow a local attacker to obtain sensitive information, caused by plain text user account passwords potentially being stored in the browser's application command history. By accessing browser history, an attacker could exploit this vulnerability to obtain other user accounts' passwords. IBM X-Force ID: 226322.

Key dates

02Disclosure timeline

May 17, 2022 CVE published
September 16, 2024 Record updated