{"containers":{"cna":{"affected":[{"product":"Spectrum Copy Data Management","vendor":"IBM","versions":[{"status":"affected","version":"2.2.0.0"},{"status":"affected","version":"2.2.15.0"}]}],"datePublic":"2022-06-09T00:00:00.000Z","descriptions":[{"lang":"en","value":"IBM Spectrum Copy Data Management Admin 2.2.0.0 through 2.2.15.0 could allow a local attacker to bypass authentication restrictions, caused by the lack of proper session management. An attacker could exploit this vulnerability to bypass authentication and gain unauthorized access to the Spectrum Copy Data Management catalog which contains metadata. IBM X-Force ID: 223718."}],"metrics":[{"cvssV3_0":{"attackComplexity":"HIGH","attackVector":"LOCAL","availabilityImpact":"NONE","baseScore":2.9,"baseSeverity":"LOW","confidentialityImpact":"LOW","exploitCodeMaturity":"UNPROVEN","integrityImpact":"NONE","privilegesRequired":"NONE","remediationLevel":"OFFICIAL_FIX","reportConfidence":"CONFIRMED","scope":"UNCHANGED","temporalScore":2.6,"temporalSeverity":"LOW","userInteraction":"NONE","vectorString":"CVSS:3.0/A:N/AC:H/I:N/S:U/C:L/UI:N/AV:L/PR:N/RC:C/RL:O/E:U","version":"3.0"}}],"problemTypes":[{"descriptions":[{"description":"Obtain Information","lang":"en","type":"text"}]}],"providerMetadata":{"dateUpdated":"2022-06-10T16:00:21.000Z","orgId":"9a959283-ebb5-44b6-b705-dcc2bbced522","shortName":"ibm"},"references":[{"tags":["x_refsource_CONFIRM"],"url":"https://www.ibm.com/support/pages/node/6593721"},{"name":"ibm-spectrum-cve202222426-info-disc (223718)","tags":["vdb-entry","x_refsource_XF"],"url":"https://exchange.xforce.ibmcloud.com/vulnerabilities/223718"}],"x_legacyV4Record":{"CVE_data_meta":{"ASSIGNER":"psirt@us.ibm.com","DATE_PUBLIC":"2022-06-09T00:00:00","ID":"CVE-2022-22426","STATE":"PUBLIC"},"affects":{"vendor":{"vendor_data":[{"product":{"product_data":[{"product_name":"Spectrum Copy Data Management","version":{"version_data":[{"version_value":"2.2.0.0"},{"version_value":"2.2.15.0"}]}}]},"vendor_name":"IBM"}]}},"data_format":"MITRE","data_type":"CVE","data_version":"4.0","description":{"description_data":[{"lang":"eng","value":"IBM Spectrum Copy Data Management Admin 2.2.0.0 through 2.2.15.0 could allow a local attacker to bypass authentication restrictions, caused by the lack of proper session management. An attacker could exploit this vulnerability to bypass authentication and gain unauthorized access to the Spectrum Copy Data Management catalog which contains metadata. IBM X-Force ID: 223718."}]},"impact":{"cvssv3":{"BM":{"A":"N","AC":"H","AV":"L","C":"L","I":"N","PR":"N","S":"U","UI":"N"},"TM":{"E":"U","RC":"C","RL":"O"}}},"problemtype":{"problemtype_data":[{"description":[{"lang":"eng","value":"Obtain Information"}]}]},"references":{"reference_data":[{"name":"https://www.ibm.com/support/pages/node/6593721","refsource":"CONFIRM","title":"IBM Security Bulletin 6593721 (Spectrum Copy Data Management)","url":"https://www.ibm.com/support/pages/node/6593721"},{"name":"ibm-spectrum-cve202222426-info-disc (223718)","refsource":"XF","title":"X-Force Vulnerability Report","url":"https://exchange.xforce.ibmcloud.com/vulnerabilities/223718"}]}}},"adp":[{"providerMetadata":{"orgId":"af854a3a-2127-422b-91ae-364da2661108","shortName":"CVE","dateUpdated":"2024-08-03T03:14:55.226Z"},"title":"CVE Program Container","references":[{"tags":["x_refsource_CONFIRM","x_transferred"],"url":"https://www.ibm.com/support/pages/node/6593721"},{"name":"ibm-spectrum-cve202222426-info-disc (223718)","tags":["vdb-entry","x_refsource_XF","x_transferred"],"url":"https://exchange.xforce.ibmcloud.com/vulnerabilities/223718"}]}]},"cveMetadata":{"assignerOrgId":"9a959283-ebb5-44b6-b705-dcc2bbced522","assignerShortName":"ibm","cveId":"CVE-2022-22426","datePublished":"2022-06-10T16:00:21.215Z","dateReserved":"2022-01-03T00:00:00.000Z","dateUpdated":"2024-09-16T23:36:56.867Z","state":"PUBLISHED"},"dataType":"CVE_RECORD","dataVersion":"5.1"}