CVE-2022-22493 LOW

CVE-2022-22493

Vendor Ibm
Product WebSphere Automation for Cloud Pak for Watson AIOps
Published October 7, 2022
Last update September 16, 2024

CVSS base score

3.5/10
Attack vector Network
Attack complexity Low
Privileges required Low
User interaction Required
Confidentiality None
Integrity Low

CVSS vector

CVSS:3.0/AV:N/A:N/UI:R/PR:L/S:U/AC:L/I:L/C:N/RL:O/E:U/RC:C

What the vulnerability does

01Description

IBM WebSphere Automation for Cloud Pak for Watson AIOps 1.4.2 is vulnerable to cross-site request forgery, caused by improper cookie attribute setting. IBM X-Force ID: 226449.

Key dates

02Disclosure timeline

October 7, 2022 CVE published
September 16, 2024 Record updated