Vulnerability Monitor

The vendors, products, and vulnerabilities you care about

CVE-2022-43581

IBM Content Navigator 3.0.0, 3.0.1, 3.0.2, 3.0.3, 3.0.4, 3.0.5, 3.0.6, 3.0.7, 3.0.8, 3.0.9, 3.0.10, 3.0.11, and 3.0.12 is vulnerable to missing authorization and could allow an authenticated user to load external plugins and execute code. IBM X-Force ID: 238805.

Published

2022-12-07T18:15:10.033

Last Modified

2024-11-21T07:26:49.610

Status

Modified

Source

[email protected]

Severity

CVSSv3.1: 7.5 (HIGH)

Weaknesses

Type: Secondary
CWE-119
Type: Primary
CWE-862

Affected Vendors & Products

Type	Vendor	Product	Version/Range	Vulnerable?
Application	ibm	content_navigator	≤ 3.0.12	Yes

References

https://exchange.xforce.ibmcloud.com/vulnerabilities/238805 VDB Entry, Vendor Advisory ([email protected])
https://www.ibm.com/support/pages/node/6844453 Patch, Vendor Advisory ([email protected])
https://exchange.xforce.ibmcloud.com/vulnerabilities/238805 VDB Entry, Vendor Advisory (af854a3a-2127-422b-91ae-364da2661108)
https://www.ibm.com/support/pages/node/6844453 Patch, Vendor Advisory (af854a3a-2127-422b-91ae-364da2661108)