CVE-2022-22478

Published: Jun 30, 2022Modified: Nov 21, 2024

5.5

Vector

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N

Exploitability: 1.8 / Impact: 3.6

Source: NVD

Description

IBM Spectrum Protect Client 8.1.0.0 through 8.1.14.0 stores user credentials in plain clear text which can be read by a local user. IBM X-Force ID: 225886.

Affected (1)

Products: Ibm: Spectrum Protect Client

Ibm

1 product

Spectrum Protect Client

Configuration A

1 vulnerable · 6 platform

Vulnerable Software	Affected Versions
Ibm Spectrum Protect Client	From 8.1.0.0 to 8.1.14.0

Running on/with	Platform Versions
Apple Macos	All versions
Hp Hp Ux	All versions
Ibm Aix	All versions
Linux Linux Kernel	All versions
Microsoft Windows	All versions
Oracle Solaris	All versions

Related CWEs

CWE-312

Cleartext Storage of Sensitive Information

The product stores sensitive information in cleartext within a resource that might be accessible to another control sphere.

References (4)

https://exchange.xforce.ibmcloud.com/vulnerabilities/225886

Source: psirt@us.ibm.com

VDB Entry

https://www.ibm.com/support/pages/node/6596741

Source: psirt@us.ibm.com

PatchVendor Advisory

https://exchange.xforce.ibmcloud.com/vulnerabilities/225886

Source: af854a3a-2127-422b-91ae-364da2661108

VDB Entry

https://www.ibm.com/support/pages/node/6596741

Source: af854a3a-2127-422b-91ae-364da2661108

PatchVendor Advisory

Timeline

No history available yet.